Home > mailing lists

Re: Re: BUG #13755: pgwin32_is_service not checking if SECURITY_SERVICE_SID is disabled - Mailing list pgsql-hackers

From	Tsunakawa, Takayuki
Subject	Re: Re: BUG #13755: pgwin32_is_service not checking if SECURITY_SERVICE_SID is disabled
Date	November 22, 2016 07:58:54
Msg-id	0A3221C70F24FB45833433255569204D1F6566FA@G01JPEXMBYT05 Whole thread Raw
In response to	Re: Re: BUG #13755: pgwin32_is_service not checking if SECURITY_SERVICE_SID is disabled (Craig Ringer <craig@2ndquadrant.com>)
Responses	Re: Re: BUG #13755: pgwin32_is_service not checking if SECURITY_SERVICE_SID is disabled
List	pgsql-hackers

Tree view

From: Craig Ringer [mailto:craig@2ndquadrant.com]
> You meant CheckTokenMembership().

Yes, my typo in the mail.

> The proposed patch does need to be checked with:

I understood you meant by "refuse to run" that postgres.exe fails to start below.  Yes, I checked it on Win10.  I don't
haveaccess to WinXP/2003 - Microsoft ended their support.
 
if (pgwin32_is_admin()){    write_stderr("Execution of PostgreSQL by a user with administrative permissions is not\n"
             "permitted.\n"                 "The server must be started under an unprivileged user ID to prevent\n"
"possiblesystem security compromises.  See the documentation for\n"              "more information on how to properly
startthe server.\n");    exit(1);}
 

Regards
Takayuki Tsunakawa

pgsql-hackers by date:

From: Pavel Stehule
Date: 22 November 2016, 07:54:38
Subject: Re: patch: function xmltable

From: "Tsunakawa, Takayuki"
Date: 22 November 2016, 08:43:51
Subject: Re: [RFC] Should we fix postmaster to avoid slow shutdown?

Re: Re: BUG #13755: pgwin32_is_service not checking if SECURITY_SERVICE_SID is disabled - Mailing list pgsql-hackers

Previous

Next