Re: [HACKERS] TODO list updated - Mailing list pgsql-hackers

From Tom Lane
Subject Re: [HACKERS] TODO list updated
Date
Msg-id 15470.947783429@sss.pgh.pa.us
Whole thread Raw
In response to Re: [HACKERS] TODO list updated  (Karl DeBisschop <kdebisschop@range.infoplease.com>)
Responses Re: [HACKERS] TODO list updated
List pgsql-hackers
Karl DeBisschop <kdebisschop@range.infoplease.com> writes:
>> What I am starting to think is that we do need a C program.  However,
>> it could be very small; it shouldn't try to do all of what initdb does. 
> Why not something like:

> [ fire up a postmaster and send it an ALTER USER command ]

That's got a race condition: at the time you start the postmaster,
the postgres superuser hasn't got a password.  A bad guy could get
in there and set the password the way *he* wanted it, or less
detectably: just connect as postgres, wait for you to set the password,
then read it out (he's still connected as postgres and still has
superuser rights...)

If we thought that was acceptable, the whole issue of setting the
password in initdb (rather than doing it manually later on) wouldn't
be on the table.  The idea is to have a password in place *before*
opening the store.

If Bruce is correct that 'echo' is a shell builtin on all shells,
thenecho "ALTER USER ..." | standalone-backend
seems like a sufficient solution.  I am a little concerned about
that "if", but it may be a close-enough answer.
        regards, tom lane


pgsql-hackers by date:

Previous
From: Karl DeBisschop
Date:
Subject: Re: [HACKERS] TODO list updated
Next
From: The Hermit Hacker
Date:
Subject: Re: [HACKERS] TODO list updated