Postgres Pro
Downloads
Home   >   mailing lists

Re: difficulty running pg on XP as appl. - Mailing list pgsql-general

From Magnus Hagander
Subject Re: difficulty running pg on XP as appl.
Date
Msg-id 9837222c0908130449y27c47116g3c8ca269d9b8e73b@mail.gmail.com
Whole thread Raw
In response to difficulty running pg on XP as appl.  (PG Subscriber <mypgsub@gmail.com>)
List pgsql-general
Tree view 
On Thu, Aug 13, 2009 at 13:21, PG Subscriber<mypgsub@gmail.com> wrote:
> I'm on Windows XP SP 2, trying to run PostgreSQL 8.3.4.
>
> Running postgres.exe gives the error:
>
> "Execution of PostgreSQL by a user with administrative permissions is
> not permitted.
> The server must be started under an unprivileged user ID to prevent
> possible system security compromises. See the documentation for more
> information on how to properly start the server.
> "
>
>
> Now, at the postgres wiki it says:
>
http://wiki.postgresql.org/wiki/Running_%26_Installing_PostgreSQL_On_Native_Windows#Why_do_I_need_a_non-administrator_account_to_run_PostgreSQL_under.3F
> " Why do I need a non-administrator account to run PostgreSQL under?
>
> When a hacker gains entry to a computer using a software bug in a
> package, she gains the permissions of the user account under which the
> service is run. Whilst we do not know of any such bugs in PostgreSQL, we
> enforce the use of a non-administrative service account to minimise the
> possible damage that a hacker could do should they find and utilise a
> bug in PostgreSQL to hack the system.
>
> This has long been common practice in the Unix world, and is starting to
> become standard practice in the Windows world as well as Microsoft and
> other vendors work to improve the security of their systems.
>
> Note, that with the release of PostgreSQL 8.2, it is possible to run
> under a administrative account. PostgreSQL 8.2 and above are able to
> irrevocably give up administrative rights at startup thus ensuring the
> rest of the system remains secure in the extremely unlikely event that
> PostgreSQL becomes compromised.
> "
>
>
> So, I'm running a recent enough version of pg, now how do I get it to
> drop Administrator privs so it will run, rather than give me an error?
> Is there some special command line -c option or something (I would have
> thought this would be outomatic, but evidently not)?
>

The privilege dropping functionality lives in pg_ctl, so it will only
work if you start the server through pg_ctl (or as a service).


--
 Magnus Hagander
 Me: http://www.hagander.net/
 Work: http://www.redpill-linpro.com/

pgsql-general by date:

Previous
From: Alban Hertroys
Date:
Subject: Re: multiple paramters in aggregate function
Next
From: Grzegorz Jaśkiewicz
Date:
Subject: Re: 8.4.0 bug - failure to enforce a foreign key constraint