| From: | "Magnus Hagander" <mha(at)sollentuna(dot)net> |
|---|---|
| To: | "Bruce Momjian" <pgman(at)candle(dot)pha(dot)pa(dot)us>, "Tom Lane" <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | <pgsql-patches(at)postgresql(dot)org> |
| Subject: | Re: [HACKERS] Fix for running from admin account on win32 |
| Date: | 2006-02-05 15:11:26 |
| Message-ID: | 6BCB9D8A16AC4241919521715F4D8BCE92EA3D@algol.sollentuna.se |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-patches |
> > Fine. I just wanted to make sure the decions was being made
> in terms
> > of logic, rather than Win32 cruft avoidance. The previous
> discussion
> > was not clear on this point.
>
> I just came across another problem with this patch. It's not
> complete :(
>
> You can *run* postgresql fine with it, but you can't run
> initdb. Oops.
>
> I'll look at completing it with an update to initdb. There's nothing
> *wrong* with the patch that's in the queue now (that I know
> of, of course), so this is just an extension to it.
Attached is a patch for initdb only (the other patch stands unchanged).
It will make initdb re-exec itself with a restricted token when
available (since we can only control the security of subprocesses)
There's a bit of shared code with pg_ctl (but not all of the exec stuff,
because there is no need for a job object for initdb). I'm unsure if
it's worth putting something in src/port instead for it, so this version
doesn't.
//Magnus
| Attachment | Content-Type | Size |
|---|---|---|
| initdb_restricted.patch | application/octet-stream | 6.1 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2006-02-05 16:02:47 | Re: drop if exists remainder |
| Previous Message | Andrew Dunstan | 2006-02-05 14:44:09 | drop if exists remainder |