| From: | Peter Eisentraut <peter_e(at)gmx(dot)net> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: Fwd: init scripts and su |
| Date: | 2004-08-09 08:17:02 |
| Message-ID: | 200408091017.02555.peter_e@gmx.net |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Tom Lane wrote:
> (a) And there would be untrusted code running as postgres exactly
> why?
Because someone has cracked the PostgreSQL server.
> (b) Seems to me the real security bug here is the mere existence of
> that ioctl call.
Probably. I'm just pointing out the findings about the environment
we're operating in. The fact is that right now "run as postgres to
protect your root account" won't work on some systems and with
unfortunately written init scripts.
--
Peter Eisentraut
http://developer.postgresql.org/~petere/
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Christopher Kings-Lynne | 2004-08-09 08:26:38 | Changing the type of timestamp columns |
| Previous Message | Peter Eisentraut | 2004-08-09 07:30:09 | Re: Postgres development model (was Re: CVS comment) |