From: | Michael Paquier <michael(at)paquier(dot)xyz> |
---|---|
To: | Postgres hackers <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Fix pg_rewind which can be run as root user |
Date: | 2018-04-09 05:11:12 |
Message-ID: | 20180409051112.GC1740@paquier.xyz |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
Hi all,
I was just going through pg_rewind's code, and noticed the following
pearl:
/*
* Don't allow pg_rewind to be run as root, to avoid overwriting the
* ownership of files in the data directory. We need only check for root
* -- any other user won't have sufficient permissions to modify files in
* the data directory.
*/
#ifndef WIN32
if (geteuid() == 0)
{
fprintf(stderr, _("cannot be executed by \"root\"\n"));
fprintf(stderr, _("You must run %s as the PostgreSQL superuser.\n"),
progname);
}
#endif
While that's nice to inform the user about the problem, that actually
does not prevent pg_rewind to run as root. Attached is a patch, which
needs a back-patch down to 9.5.
Thanks,
--
Michael
Attachment | Content-Type | Size |
---|---|---|
rewind-root-run.patch | text/x-diff | 404 bytes |
From | Date | Subject | |
---|---|---|---|
Next Message | Kyotaro HORIGUCHI | 2018-04-09 05:19:24 | Re: [HACKERS] [BUGS] Bug in Physical Replication Slots (at least 9.5)? |
Previous Message | Michael Paquier | 2018-04-09 04:59:45 | Re: [HACKERS] [BUGS] Bug in Physical Replication Slots (at least 9.5)? |