Juan José Santamaría Flecha <juanjo.santamaria@gmail.com> writes: > On Sat, Oct 26, 2019 at 5:20 PM Tom Lane <tgl@sss.pgh.pa.us> wrote: >> Right, but does cmd.exe have a well-defined location in Windows? >> I don't think we can know which drive it's on, for starters.
> The environment variable COMSPEC [1] should point to the right location.
Hm. I don't have any objection to using COMSPEC if it's set, but of course that changes nothing from a security perspective. It's just a different route by which pg_ctl, pg_upgrade, etc can be misled.
The only impact this will have is finding the CMD executable directly, without having to rely on CreateProcessAsUser() logic.
Please find attached a patch with this simple modification.