| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | "Magnus Hagander" <mha(at)sollentuna(dot)net> |
| Cc: | "Bruce Momjian" <pgman(at)candle(dot)pha(dot)pa(dot)us>, pgsql-patches(at)postgresql(dot)org |
| Subject: | Re: [HACKERS] Fix for running from admin account on win32 |
| Date: | 2006-02-10 22:08:27 |
| Message-ID: | 2273.1139609307@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-patches |
"Magnus Hagander" <mha(at)sollentuna(dot)net> writes:
> Attached is a patch for initdb only (the other patch stands unchanged).
> It will make initdb re-exec itself with a restricted token when
> available (since we can only control the security of subprocesses)
Applied to HEAD.
> There's a bit of shared code with pg_ctl (but not all of the exec stuff,
> because there is no need for a job object for initdb). I'm unsure if
> it's worth putting something in src/port instead for it, so this version
> doesn't.
I agree that it seems marginal at this point. But if we find ourselves
adding the functionality anyplace else, you should probably factor out
the common code into a /port module.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Kris Jurka | 2006-02-10 22:28:02 | parallel builds with dependencies |
| Previous Message | Tom Lane | 2006-02-10 22:06:50 | Re: Fix for running from admin account on win32 |