| From: | Peter Eisentraut <peter_e(at)gmx(dot)net> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>, PostgreSQL Development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: setuid(geteuid());? |
| Date: | 2001-04-21 18:13:57 |
| Message-ID: | Pine.LNX.4.30.0104212012320.758-100000@peter.localdomain |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Tom Lane writes:
> I said:
> > On machines that have setreuid(), or even better setresuid(), we could
> > force the ruid (and suid for good measure) to match euid. Otherwise we
> > probably should refuse to start unless getuid matches geteuid.
>
> But on third thought, it's not worth the trouble of adding two more
> configure tests to support a configuration that I doubt anyone uses
> anyway (ie, setuid postgres executable). Let's just remove the setuid()
> and add a check for getuid() == geteuid() in main.c.
>
> Peter, unless you've already started in on this, I can take care of it
> --- I see a couple of other nits I want to fix in those two files, too.
Please do. I just ran across it for the session authorization deal, which
would be easy to merge.
--
Peter Eisentraut peter_e(at)gmx(dot)net http://funkturm.homeip.net/~peter
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruce Momjian | 2001-04-21 19:57:49 | Re: setuid(geteuid());? |
| Previous Message | Tom Lane | 2001-04-21 17:47:23 | Re: setuid(geteuid());? |