From: | Stephen Amadei <amadei(at)dandy(dot)net> |
---|---|
To: | pgsql-bugs(at)postgresql(dot)org |
Subject: | Why does Postgres need the /bin/sh? |
Date: | 2002-05-04 03:23:50 |
Message-ID: | Pine.LNX.4.44.0205032303580.1906-100000@rastaban.dandy.net |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-bugs |
Hey guys... second post of the day. If you read my last post about
Postgres 7.2.1 segfaulting on Slackware 8.0, you noted I am trying to
chroot Postgres. Unfortunately, my chrooted postgres cannot create
databases due to a 'system' call, which runs '/bin/sh'. Having the shell
in my chroot kinda defeats part of why I chrooted in the first place.
I upgraded to 7.2.1, hoping this routine was changed, but it hasn't.
While, IMHO, the safest way to do this would be to code the cp and rm code
internally, I have patched my copy to do a fork and execl to call the cp
and rm programs directly (and placed /bin/cp and /bin/rm in the chroot
jail) as a quick fix... I feel it gives a bit more security.
Can anyone tell me if there is any inherently bad side effects to this?
Or why the "system" call is necessary?
----Steve
Stephen Amadei
Dandy.NET! CTO
Atlantic City, NJ
From | Date | Subject | |
---|---|---|---|
Next Message | Tom Lane | 2002-05-04 03:28:50 | Re: 7.2.1 segfaults. |
Previous Message | Stephen Amadei | 2002-05-04 03:03:56 | 7.2.1 segfaults. |