Thread: pgsql: Fix handling of restricted processes for Windows Vista (mainly),
pgsql: Fix handling of restricted processes for Windows Vista (mainly),
From
mha@postgresql.org (Magnus Hagander)
Date:
Log Message:
-----------
Fix handling of restricted processes for Windows Vista (mainly),
by explicitly adding back the user to the DACL of the new process.
This fixes the failure case when executing as the Administrator
user, which had no permissions left at all after we dropped the
Administrators group.
Dave Page with some modifications from me
Modified Files:
--------------
pgsql/src/bin/initdb:
initdb.c (r1.153 -> r1.154)
(http://anoncvs.postgresql.org/cvsweb.cgi/pgsql/src/bin/initdb/initdb.c?r1=1.153&r2=1.154)
pgsql/src/bin/pg_ctl:
pg_ctl.c (r1.94 -> r1.95)
(http://anoncvs.postgresql.org/cvsweb.cgi/pgsql/src/bin/pg_ctl/pg_ctl.c?r1=1.94&r2=1.95)
pgsql/src/include:
port.h (r1.117 -> r1.118)
(http://anoncvs.postgresql.org/cvsweb.cgi/pgsql/src/include/port.h?r1=1.117&r2=1.118)
pgsql/src/port:
exec.c (r1.57 -> r1.58)
(http://anoncvs.postgresql.org/cvsweb.cgi/pgsql/src/port/exec.c?r1=1.57&r2=1.58)
Re: pgsql: Fix handling of restricted processes for Windows Vista (mainly),
From
Andrew Dunstan
Date:
You have broken the Cygwin build (see buildfarm). Will we need those calls to AddUserToDacl() on Cygwin? If not, the simplest thing would be to #ifdef them out, I guess. cheers andrew Magnus Hagander wrote: > Log Message: > ----------- > Fix handling of restricted processes for Windows Vista (mainly), > by explicitly adding back the user to the DACL of the new process. > This fixes the failure case when executing as the Administrator > user, which had no permissions left at all after we dropped the > Administrators group. > > Dave Page with some modifications from me > > Modified Files: > -------------- > pgsql/src/bin/initdb: > initdb.c (r1.153 -> r1.154) > (http://anoncvs.postgresql.org/cvsweb.cgi/pgsql/src/bin/initdb/initdb.c?r1=1.153&r2=1.154) > pgsql/src/bin/pg_ctl: > pg_ctl.c (r1.94 -> r1.95) > (http://anoncvs.postgresql.org/cvsweb.cgi/pgsql/src/bin/pg_ctl/pg_ctl.c?r1=1.94&r2=1.95) > pgsql/src/include: > port.h (r1.117 -> r1.118) > (http://anoncvs.postgresql.org/cvsweb.cgi/pgsql/src/include/port.h?r1=1.117&r2=1.118) > pgsql/src/port: > exec.c (r1.57 -> r1.58) > (http://anoncvs.postgresql.org/cvsweb.cgi/pgsql/src/port/exec.c?r1=1.57&r2=1.58) > > ---------------------------(end of broadcast)--------------------------- > TIP 3: Have you checked our extensive FAQ? > > http://www.postgresql.org/docs/faq > >
Re: pgsql: Fix handling of restricted processes for Windows Vista (mainly),
From
Magnus Hagander
Date:
AFAIK, we will if we want to run as Administrator on Vista. I'm not sure what we're doing there is actually compatible with it though. And do we care? I'm perfectly fine saying that we don't support that part on cygwin, and just #ifdef the whole thing out there? //Magnus Andrew Dunstan wrote: > > You have broken the Cygwin build (see buildfarm). Will we need those > calls to AddUserToDacl() on Cygwin? If not, the simplest thing would be > to #ifdef them out, I guess. > > cheers > > andrew > > Magnus Hagander wrote: >> Log Message: >> ----------- >> Fix handling of restricted processes for Windows Vista (mainly), >> by explicitly adding back the user to the DACL of the new process. >> This fixes the failure case when executing as the Administrator >> user, which had no permissions left at all after we dropped the >> Administrators group. >> >> Dave Page with some modifications from me >> >> Modified Files: >> -------------- >> pgsql/src/bin/initdb: >> initdb.c (r1.153 -> r1.154) >> >> (http://anoncvs.postgresql.org/cvsweb.cgi/pgsql/src/bin/initdb/initdb.c?r1=1.153&r2=1.154) >> >> pgsql/src/bin/pg_ctl: >> pg_ctl.c (r1.94 -> r1.95) >> >> (http://anoncvs.postgresql.org/cvsweb.cgi/pgsql/src/bin/pg_ctl/pg_ctl.c?r1=1.94&r2=1.95) >> >> pgsql/src/include: >> port.h (r1.117 -> r1.118) >> >> (http://anoncvs.postgresql.org/cvsweb.cgi/pgsql/src/include/port.h?r1=1.117&r2=1.118) >> >> pgsql/src/port: >> exec.c (r1.57 -> r1.58) >> >> (http://anoncvs.postgresql.org/cvsweb.cgi/pgsql/src/port/exec.c?r1=1.57&r2=1.58) >> >> >> ---------------------------(end of broadcast)--------------------------- >> TIP 3: Have you checked our extensive FAQ? >> >> http://www.postgresql.org/docs/faq >> >>
Re: pgsql: Fix handling of restricted processes for Windows Vista (mainly),
From
Andrew Dunstan
Date:
My testing on Vista shows we don't need them for Cygwin. cheers andrew Magnus Hagander wrote: > AFAIK, we will if we want to run as Administrator on Vista. I'm not > sure what we're doing there is actually compatible with it though. And > do we care? I'm perfectly fine saying that we don't support that part > on cygwin, and just #ifdef the whole thing out there? > > //Magnus > > Andrew Dunstan wrote: >> >> You have broken the Cygwin build (see buildfarm). Will we need those >> calls to AddUserToDacl() on Cygwin? If not, the simplest thing would >> be to #ifdef them out, I guess. >> >> cheers >> >> andrew >> >> Magnus Hagander wrote: >>> Log Message: >>> ----------- >>> Fix handling of restricted processes for Windows Vista (mainly), >>> by explicitly adding back the user to the DACL of the new process. >>> This fixes the failure case when executing as the Administrator >>> user, which had no permissions left at all after we dropped the >>> Administrators group. >>> >>> Dave Page with some modifications from me >>> >>> Modified Files: >>> -------------- >>> pgsql/src/bin/initdb: >>> initdb.c (r1.153 -> r1.154) >>> >>> (http://anoncvs.postgresql.org/cvsweb.cgi/pgsql/src/bin/initdb/initdb.c?r1=1.153&r2=1.154) >>> >>> pgsql/src/bin/pg_ctl: >>> pg_ctl.c (r1.94 -> r1.95) >>> >>> (http://anoncvs.postgresql.org/cvsweb.cgi/pgsql/src/bin/pg_ctl/pg_ctl.c?r1=1.94&r2=1.95) >>> >>> pgsql/src/include: >>> port.h (r1.117 -> r1.118) >>> >>> (http://anoncvs.postgresql.org/cvsweb.cgi/pgsql/src/include/port.h?r1=1.117&r2=1.118) >>> >>> pgsql/src/port: >>> exec.c (r1.57 -> r1.58) >>> >>> (http://anoncvs.postgresql.org/cvsweb.cgi/pgsql/src/port/exec.c?r1=1.57&r2=1.58) >>> >>> >>> ---------------------------(end of >>> broadcast)--------------------------- >>> TIP 3: Have you checked our extensive FAQ? >>> >>> http://www.postgresql.org/docs/faq >>> >>> > >
Re: pgsql: Fix handling of restricted processes for Windows Vista (mainly),
From
Magnus Hagander
Date:
I see you've also committed a fix for this. Thanks! //Magnus Andrew Dunstan wrote: > > My testing on Vista shows we don't need them for Cygwin. > > cheers > > andrew > > Magnus Hagander wrote: >> AFAIK, we will if we want to run as Administrator on Vista. I'm not >> sure what we're doing there is actually compatible with it though. And >> do we care? I'm perfectly fine saying that we don't support that part >> on cygwin, and just #ifdef the whole thing out there? >> >> //Magnus >> >> Andrew Dunstan wrote: >>> >>> You have broken the Cygwin build (see buildfarm). Will we need those >>> calls to AddUserToDacl() on Cygwin? If not, the simplest thing would >>> be to #ifdef them out, I guess. >>> >>> cheers >>> >>> andrew >>> >>> Magnus Hagander wrote: >>>> Log Message: >>>> ----------- >>>> Fix handling of restricted processes for Windows Vista (mainly), >>>> by explicitly adding back the user to the DACL of the new process. >>>> This fixes the failure case when executing as the Administrator >>>> user, which had no permissions left at all after we dropped the >>>> Administrators group. >>>> >>>> Dave Page with some modifications from me >>>> >>>> Modified Files: >>>> -------------- >>>> pgsql/src/bin/initdb: >>>> initdb.c (r1.153 -> r1.154) >>>> >>>> (http://anoncvs.postgresql.org/cvsweb.cgi/pgsql/src/bin/initdb/initdb.c?r1=1.153&r2=1.154) >>>> >>>> pgsql/src/bin/pg_ctl: >>>> pg_ctl.c (r1.94 -> r1.95) >>>> >>>> (http://anoncvs.postgresql.org/cvsweb.cgi/pgsql/src/bin/pg_ctl/pg_ctl.c?r1=1.94&r2=1.95) >>>> >>>> pgsql/src/include: >>>> port.h (r1.117 -> r1.118) >>>> >>>> (http://anoncvs.postgresql.org/cvsweb.cgi/pgsql/src/include/port.h?r1=1.117&r2=1.118) >>>> >>>> pgsql/src/port: >>>> exec.c (r1.57 -> r1.58) >>>> >>>> (http://anoncvs.postgresql.org/cvsweb.cgi/pgsql/src/port/exec.c?r1=1.57&r2=1.58) >>>> >>>> >>>> ---------------------------(end of >>>> broadcast)--------------------------- >>>> TIP 3: Have you checked our extensive FAQ? >>>> >>>> http://www.postgresql.org/docs/faq >>>> >>>> >> >>