| From: | "Magnus Hagander" <mha(at)sollentuna(dot)net> |
|---|---|
| To: | "Gary Doades" <gpd(at)gpdnet(dot)co(dot)uk>, <pgsql-hackers-win32(at)postgresql(dot)org> |
| Subject: | Re: PgSQL not as Administrator - probs on w |
| Date: | 2004-07-04 13:48:38 |
| Message-ID: | 6BCB9D8A16AC4241919521715F4D8BCE34BDD4@algol.sollentuna.se |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers-win32 |
>> We very much do *not* want to go grant a privilege to
>administrator that
>> it doesn't already have. If it is required, it should be
>done manually
>> by the administrator himself.
>>
>> (Oh, and the resource kit is very much *NOT* free. It's a licensed
>> product like others. The supplement is like a servicepack - you still
>> need the original kit license)
>>
>
>Once again you are right. I thought that you may be able to only grant
>the permission for the duration of initdb etc, but there are other
>problems with this anyway.
Yeah. You can enable the privilege temporarily, but actually granting it
in the account database is a bigger operation. (Not to mention how many
eventlog monitors/IDS systems the install is going to trigger if it does
that)
>One other thought. I bit OTT maybe, but if NT does not have a "runas"
>service then why not make one? As we know this is not a problem in
>2000 onwards as the "RunAs" service exists. It should be possible to
>create a service just for the purpose of running initdb (or
>postmaster). A
>service running as local system has the privileges required I
>believe. If
>the service could only start initdb/postmaster then it should
>not pose a
>security risk.
Yeah, that's the uglier way to do it. We could even create a temporary
service, start it, wait for it to stop by itself, and then remove it.
//Magnus
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Gary Doades | 2004-07-04 13:58:37 | Re: initdb crash |
| Previous Message | Magnus Hagander | 2004-07-04 13:47:18 | Re: initdb crash |