From: | "Gary Doades" <gpd(at)gpdnet(dot)co(dot)uk> |
---|---|
To: | pgsql-hackers-win32(at)postgresql(dot)org |
Subject: | Re: initdb crash |
Date: | 2004-07-04 13:58:37 |
Message-ID: | 40E81B1D.6082.E70537A@localhost |
Lists: | pgsql-hackers-win32 |

On 4 Jul 2004 at 15:47, Magnus Hagander wrote:
>
> This has nothing to do with possible attack vectors using SQL injection,
> for example. The admin starts the service. The SQL injection comes in
> through the webserver at a later time (and hey, if you don't even allow
> that one to connect to your server, then don't bother running it).
> Now sure, this is a bug in the web application, but there are thousands
> of webapps out there with just this kind of bug. And by not allowing the
> server to run as admin, we help the admins decrease the surface that
> this kind of attack can actually hit.
>
OK, I'll concede that one. I'd forgotten about web apps running on the same PC as the
DB.
> The one argument I buy is the one for making it easier for developers. I
> guess one way would be a commandline option that permits it to run as
> admin. In doing this, it should also *FORCE* connections to permit
> 127.0.0.1 only, and emit a screenful of warnings about how bad this is.
> But sure, in a developer's VM or otherwise secured machine, it's not a
> major issue.
>
I think this is all the Win32 users are asking for, but given the above argument about
web apps it would still represent a small risk.
Thanks,
Gary.