From: | tgl(at)svr1(dot)postgresql(dot)org (Tom Lane) |
---|---|
To: | pgsql-committers(at)postgresql(dot)org |
Subject: | pgsql: Prevent pg_ctl from being run as root. |
Date: | 2004-10-22 00:24:18 |
Message-ID: | 20041022002418.0562432A308@svr1.postgresql.org |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-committers |
Log Message:
-----------
Prevent pg_ctl from being run as root. Since it uses configuration files
owned by postgres, doing "pg_ctl start" as root could allow a privilege
escalation attack, as pointed out by iDEFENSE. Of course the postmaster would
fail, but we ought to fail a little sooner to protect sysadmins unfamiliar
with Postgres. The chosen fix is to disable root use of pg_ctl in all cases,
just to be confident there are no other holes.
Modified Files:
--------------
pgsql/src/bin/pg_ctl:
pg_ctl.c (r1.41 -> r1.42)
(http://developer.postgresql.org/cvsweb.cgi/pgsql/src/bin/pg_ctl/pg_ctl.c.diff?r1=1.41&r2=1.42)
From | Date | Subject | |
---|---|---|---|
Next Message | Tom Lane | 2004-10-22 00:24:27 | pgsql: Prevent pg_ctl from being run as root. |
Previous Message | Tom Lane | 2004-10-21 22:49:06 | pgsql: Update obsolete comments about COPY vs INSERT options, per Uwe |