Re: Supporting huge pages on Windows

From: Andres Freund <andres(at)anarazel(dot)de>
To: "Tsunakawa, Takayuki" <tsunakawa(dot)takay(at)jp(dot)fujitsu(dot)com>
Cc: 'Amit Kapila' <amit(dot)kapila16(at)gmail(dot)com>, Magnus Hagander <magnus(at)hagander(dot)net>, Robert Haas <robertmhaas(at)gmail(dot)com>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Supporting huge pages on Windows
Date: 2017-04-04 06:20:50
Message-ID: 20170404062050.73ykixrsu3zb5mvd@alap3.anarazel.de
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

On 2017-01-05 03:12:09 +0000, Tsunakawa, Takayuki wrote:
> From: pgsql-hackers-owner(at)postgresql(dot)org
> > [mailto:pgsql-hackers-owner(at)postgresql(dot)org] On Behalf Of Magnus Hagander
> > For the pg_ctl changes, we're going from removing all privilieges from the
> > token, to removing none. Are there any other privileges that we should be
> > worried about? I think you may be correct in that it's overkill to do it,
> > but I think we need some more specifics to decide that.
>
> This page lists the privileges. Is there anyhing you are concerned about?
>
> https://msdn.microsoft.com/ja-jp/library/windows/desktop/bb530716(v=vs.85).aspx

Aren't like nearly all of them a concern? We gone from having some
containment (not being to create users, shut the system down, ...), to
none. I do however think there's a fair argument to be made that other
platforms do not have a similar containment (no root, but sudo etc is
still possible), and that the containment isn't super strong.

Can't we, to reduce the size of the behavioural change, just use
AdjustTokenPrivileges() to re-add the privileges we want?

Regards,

Andres

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Andres Freund 2017-04-04 06:26:24 Re: Statement timeout behavior in extended queries
Previous Message Tsunakawa, Takayuki 2017-04-04 06:18:04 Re: Statement timeout behavior in extended queries