]> git.ipfire.org Git - thirdparty/postgresql.git/commit
projects / thirdparty / postgresql.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d9c1e5e) | patch
Prevent pg_ctl from being run as root. Since it uses configuration files
authorTom Lane <tgl@sss.pgh.pa.us>
Fri, 22 Oct 2004 00:24:33 +0000 (00:24 +0000)
committerTom Lane <tgl@sss.pgh.pa.us>
Fri, 22 Oct 2004 00:24:33 +0000 (00:24 +0000)
commit0b83c1f272165716d9c30911fbeab5dddca3ab18
tree2024c524fa84b07e763167a39869efa2fc9c4268tree | snapshot
parentd9c1e5e1c253996aa9d8d020515b6fbaeaa4dc27commit | diff
Prevent pg_ctl from being run as root.  Since it uses configuration files
owned by postgres, doing "pg_ctl start" as root could allow a privilege
escalation attack, as pointed out by iDEFENSE.  Of course the postmaster would
fail, but we ought to fail a little sooner to protect sysadmins unfamiliar
with Postgres.  The chosen fix is to disable root use of pg_ctl in all cases,
just to be confident there are no other holes.
src/bin/pg_ctl/pg_ctl.sh diff | blob | blame | history
Mirror of https://git.postgresql.org/git/postgresql.git