Re: Re: BUG #13755: pgwin32_is_service not checking if SECURITY_SERVICE_SID is disabled

From: Michael Paquier <michael(dot)paquier(at)gmail(dot)com>
To: "Tsunakawa, Takayuki" <tsunakawa(dot)takay(at)jp(dot)fujitsu(dot)com>
Cc: Craig Ringer <craig(at)2ndquadrant(dot)com>, MauMau <maumau307(at)gmail(dot)com>, Breen Hagan <breen(at)rtda(dot)com>, Heikki Linnakangas <hlinnaka(at)iki(dot)fi>, Alvaro Herrera <alvherre(at)2ndquadrant(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Re: BUG #13755: pgwin32_is_service not checking if SECURITY_SERVICE_SID is disabled
Date: 2016-11-29 04:24:52
Message-ID: CAB7nPqSrXouKpShAXb+6=eM6uo+DMF0hxoFmnoOLbw71_r4Rfw@mail.gmail.com
Lists: pgsql-bugs pgsql-hackers

On Tue, Nov 22, 2016 at 1:58 PM, Tsunakawa, Takayuki
<tsunakawa(dot)takay(at)jp(dot)fujitsu(dot)com> wrote:
> From: Craig Ringer [mailto:craig(at)2ndquadrant(dot)com]
>> You meant CheckTokenMembership().
>
> Yes, my typo in the mail.
>
>> The proposed patch does need to be checked with:
>
> I understood you meant by "refuse to run" that postgres.exe fails to start below. Yes, I checked it on Win10. I don't have access to WinXP/2003 - Microsoft ended their support.
>
> if (pgwin32_is_admin())
> {
>     write_stderr("Execution of PostgreSQL by a user with administrative permissions is not\n"
>                  "permitted.\n"
>                  "The server must be started under an unprivileged user ID to prevent\n"
>                  "possible system security compromises. See the documentation for\n"
>                  "more information on how to properly start the server.\n");
>     exit(1);
> }

I have moved that to next CF. The refactoring patch needs more testing
but the basic fix patch could be applied.
--
Michael
