| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
| Cc: | Magnus Hagander <mha(at)sollentuna(dot)net>, pgsql-patches(at)postgresql(dot)org |
| Subject: | Re: Run-as-admin warning for win32 |
| Date: | 2004-05-04 04:43:32 |
| Message-ID: | 29639.1083645812@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-patches |
Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> writes:
> Tom Lane wrote:
>> Why? If we refuse to run as root on Unix, I do not see an argument for
>> being more forgiving on Windows.
> I am not sure it is as easy to run as non-admin on Win32 as it is to run
> as non-root on Unix. Is it?
Ease of use has nothing to do with this. Given the demonstrated
security weaknesses of Windows, we would be completely irresponsible
to allow Postgres to be started in an obviously-insecure way on that
platform.
In other words, I do not wish to be the author of code that could become
the vector for the next SQL Slammer worm.
I am already deathly afraid of what the Windows port is likely to do
to Postgres' reputation for reliability and security. Do *not* get
me started by proposing that we insert obvious security holes on lame
"ease of use" grounds. Haven't the boys in Redmond already proven
the wrongness of those priorities many times over?
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Christopher Kings-Lynne | 2004-05-04 04:52:03 | Re: ceiling() and power() (SQL2003) |
| Previous Message | Bruce Momjian | 2004-05-04 04:31:15 | Re: Run-as-admin warning for win32 |