Re: Setting restrictedtoken in pg_regress

From: Daniel Gustafsson <daniel(at)yesql(dot)se>
To: Andrew Dunstan <andrew(at)dunslane(dot)net>
Cc: Nathan Bossart <nathandbossart(at)gmail(dot)com>, Michael Paquier <michael(at)paquier(dot)xyz>, PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org>
Subject: Re: Setting restrictedtoken in pg_regress
Date: 2023-07-06 20:10:16
Views: Raw Message | Whole Thread | Download mbox | Resend email
Lists: pgsql-hackers

> On 14 Jun 2023, at 13:02, Andrew Dunstan <andrew(at)dunslane(dot)net> wrote:
> On 2023-06-12 Mo 19:43, Nathan Bossart wrote:
>> On Tue, Jun 13, 2023 at 08:29:19AM +0900, Michael Paquier wrote:
>>> I am actually a bit confused with the return value of
>>> CreateRestrictedProcess() on failures in restricted_token.c. Wouldn't
>>> it be cleaner to return INVALID_HANDLE_VALUE rather than 0 in these
>>> cases?
>> My suspicion is that this was chosen to align with CreateProcess and to
>> allow things like
>> if (!CreateRestrictedProcess(...))
> Probably, it's been a while. I doubt it's worth changing at this point, and we could just change pg_regress.c to use a boolean test like the above.

Done that way and pushed, thanks!

Daniel Gustafsson

In response to

Browse pgsql-hackers by date

  From Date Subject
Next Message Justin Pryzby 2023-07-06 20:15:19 Re: warn if GUC set to an invalid shared library
Previous Message Ranier Vilela 2023-07-06 19:22:23 Re: Avoid unncessary always true test (src/backend/storage/buffer/bufmgr.c)