From: | KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com> |
---|---|
To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Cc: | Sam Mason <sam(at)samason(dot)me(dot)uk>, pgsql-general(at)postgresql(dot)org, pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: [HACKERS] libpq port number handling |
Date: | 2009-09-25 01:24:34 |
Message-ID: | 4ABC1BD2.2060308@ak.jp.nec.com |
Lists: | pgsql-general pgsql-hackers |
Tom Lane wrote:
> Sam Mason <sam(at)samason(dot)me(dot)uk> writes:
>> + if (portnum < 1 || portnum > 65535)
>
> BTW, it strikes me that we could tighten this even more by rejecting
> target ports below 1024. This is guaranteed safe on all Unix systems
> I know of, because privileged ports can only be listened to by root-owned
> processes and we know the postmaster won't be one.
This is just an aside.
Recent Linux systems allow assigning a part of root privileges (called
capabilities) to a certain process.
Example)
# setcap cap_net_bind_service=ep /usr/local/pgsql/bin/postgres
<-- it allows anyone to launch postmaster with cap_net_bind_service capability.
$ pg_ctl -o "-i -p 100" start
$ psql postgres -p 100
psql (8.5devel)
Type "help" for help.
postgres=#
> Even if it's possible, do we want to allow it?
I cannot find any merits.
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>
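
An added example, not part of the original message and not libpq's own code: a strict client-side port check that keeps the quoted 1..65535 bound but does not reject ports below 1024, since the message above shows a postmaster with `cap_net_bind_service` listening on port 100. The function name `parse_port` and the sample inputs are hypothetical.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

/*
 * Hypothetical helper (not libpq code): parse a port string strictly.
 * Returns the port in 1..65535, or -1 for malformed or out-of-range input.
 */
int parse_port(const char *s)
{
    char *end;
    long  val;

    if (s == NULL || *s == '\0')
        return -1;
    /* strtol() skips leading whitespace and accepts a sign; refuse both. */
    if (*s < '0' || *s > '9')
        return -1;

    errno = 0;
    val = strtol(s, &end, 10);
    if (errno == ERANGE || *end != '\0')
        return -1;              /* overflow or trailing garbage */

    /* Same bound as the quoted patch line. */
    if (val < 1 || val > 65535)
        return -1;

    /*
     * Deliberately no "val < 1024" rejection: a server binary granted
     * cap_net_bind_service can listen on a privileged port without root.
     */
    return (int) val;
}

int main(void)
{
    /* Constructed sample inputs. */
    const char *samples[] = { "5432", "100", "0", "65536", "5432x", " 5432" };
    size_t i;

    for (i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
        printf("\"%s\" -> %d\n", samples[i], parse_port(samples[i]));
    return 0;
}
```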
From | Date | Subject | |
---|---|---|---|
Next Message | Kris Jurka | 2009-09-25 01:27:42 | Re: [HACKERS] libpq port number handling |
Previous Message | Tom Lane | 2009-09-25 00:59:25 | Re: [HACKERS] libpq port number handling |