"Peter J. Holzer" <hjp-pgsql@xxxxxx> writes: > On 2025-07-14 10:07:20 -0400, Tom Lane wrote: >> That is primarily for safety reasons: if for some reason the >> filesystem gets dismounted, or hasn't come on-line yet during >> a reboot, you do not want Postgres to be able to write on the >> underlying mount-point directory. > Be careful: There are two different directorys involved in a mount > point. The one in the parent filesystem and the one in the mounted file > system. True, and the safety requirement really is only that the parent filesystem's mount-point directory not be writable by us. But normal practice is that both directories are root-owned, or at least owned by highly privileged users. (I have a vague idea that there are system-level security hazards, not specific to Postgres, if mount-point directories are publicly writable. Don't feel like researching that though.) regards, tom lane
