Peter Eisentraut <peter_e@gmx.net> writes:
> For your amusement...
> During the time between the daemon launch and it closing it's file
> handles and calling setsid(2) (which some daemons don't do because
> they are buggy) any other code running in the same UID could take over
> the process via ptrace, fork off a child process that inherits the
> administrator tty, and then stuff characters into the keyboard buffer
> with ioctl(fd,TIOCSTI,&c) (*).
(a) And there would be untrusted code running as postgres exactly why?
(b) Seems to me the real security bug here is the mere existence of that ioctl call.
regards, tom lane
