For review, comments and possible application to HEAD.
This code implements a warning when the postmaster is started as a
high-privilege account on win32 (administrator or power users).
Previously, postgresql has exited out on Unix when running as root -
this is a similar check, with the following differences:
* We do an ereport(WARNING) instead of exiting out. The reason for this
is that we can expect there are win32 admins that will want to run the
server with a high privilege account. Just sending a warning will permit
this (say, when debugging etc, or if people are just too lazy to care),
while clearly stating it's not a recommended way to do it.
* The Unix check is directly in main.c. We cannot do this on win32,
because at this stage we can only printf and exit. Win32 needs ereport.
Consider when running as a service - before we have loaded up
postgresql.conf and noticed we should write to the eventlog, we cannot
inform the user in any way (stderr = /dev/null from a service by
default). Therefore, the win32 check is in PostmasterMain. There might be
a slightly better place to put it, not 100% sure about that..
The win32 specific code is mainly in the file security.c to go in
src/backend/port/win32.
//Magnus
<<security.c>> <<admin_warning.patch>>
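
The group-membership test described in the message, as an added example that is not the attached security.c or any PostgreSQL code: it matches a token's group SIDs against the well-known BUILTIN\Administrators (S-1-5-32-544) and BUILTIN\Power Users (S-1-5-32-547) SIDs and warns rather than exits. The `Sid` struct, the function names and the sample group lists are constructed for illustration; on Windows the group list would be read from the process token.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Simplified SID; authority holds the low byte only (1 = World, 5 = NT). */
typedef struct { uint8_t revision, sub_count, authority; uint32_t sub[4]; } Sid;

#define RID_BUILTIN_DOMAIN 32u   /* S-1-5-32 */
#define RID_ADMINS         544u  /* BUILTIN\Administrators */
#define RID_POWER_USERS    547u  /* BUILTIN\Power Users */

/* Constructed sample group lists, standing in for a process token's groups. */
static const Sid service_groups[] = {
    {1, 1, 1, {0}},        /* S-1-1-0      Everyone */
    {1, 2, 5, {32, 545}},  /* S-1-5-32-545 BUILTIN\Users */
    {1, 1, 5, {6}},        /* S-1-5-6      Service */
};
/* Everyone plus S-1-5-32-544 (Administrators alias) */
static const Sid admin_groups[] = { {1, 1, 1, {0}}, {1, 2, 5, {32, 544}} };

/* Return the RID of the first high-privilege builtin group, or 0 if none. */
uint32_t high_privilege_rid(const Sid *groups, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        const Sid *s = &groups[i];
        if (s->revision != 1 || s->authority != 5 || s->sub_count != 2 ||
            s->sub[0] != RID_BUILTIN_DOMAIN)
            continue;  /* not a builtin alias of the form S-1-5-32-x */
        if (s->sub[1] == RID_ADMINS || s->sub[1] == RID_POWER_USERS)
            return s->sub[1];
    }
    return 0;
}

/* Warn and keep starting (returns 1 if warned) instead of exiting. */
int warn_if_high_privilege(const Sid *groups, size_t n)
{
    uint32_t rid = high_privilege_rid(groups, n);
    if (rid == 0) return 0;
    fprintf(stderr, "WARNING: running as a member of %s is not recommended\n",
            rid == RID_ADMINS ? "Administrators" : "Power Users");
    return 1;
}

int main(void)
{
    warn_if_high_privilege(admin_groups, 2);           /* warns */
    return warn_if_high_privilege(service_groups, 3);  /* 0: no warning */
}
```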