| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Stephen Amadei <amadei(at)dandy(dot)net> |
| Cc: | pgsql-bugs(at)postgresql(dot)org |
| Subject: | Re: Why does Postgres need the /bin/sh? |
| Date: | 2002-05-04 03:37:04 |
| Message-ID: | 24454.1020483424@sss.pgh.pa.us |
| Lists: | pgsql-bugs |

Stephen Amadei <amadei(at)dandy(dot)net> writes:
> Hey guys... second post of the day. If you read my last post about
> Postgres 7.2.1 segfaulting on Slackware 8.0, you noted I am trying to
> chroot Postgres. Unfortunately, my chrooted postgres cannot create
> databases due to a 'system' call, which runs '/bin/sh'.

Ah.

> While, IMHO, the safest way to do this would be to code the cp and rm code
> internally, I have patched my copy to do a fork and execl to call the cp
> and rm programs directly (and placed /bin/cp and /bin/rm in the chroot
> jail) as a quick fix... I feel it gives a bit more security.

Why? If you are launching daemon processes with insecure directories
in their $PATH, who are you gonna blame but yourself?

I don't really see an advantage to reinventing the cp and rm wheels
here...

regards, tom lane
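
The fork-and-exec approach described in the quoted message, as an added C example (not PostgreSQL's code and not the poster's patch): `system()` runs its command through `/bin/sh -c`, while this version executes `/bin/cp` and `/bin/rm` by absolute path with a fixed environment, so no shell is needed in the chroot and `$PATH` is never searched. The helper names `run_direct`, `copy_file` and `remove_file` and the `/tmp` demo path are assumptions.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical helper: run an absolute-path program without a shell.
 * Returns the child's exit status, or -1 on fork/wait failure or a signal. */
int run_direct(const char *path, char *const argv[])
{
    /* Fixed environment: nothing is inherited from the daemon's caller. */
    char *const envp[] = { "PATH=/bin", NULL };
    int status;
    pid_t pid;

    if (path == NULL || path[0] != '/')  /* refuse names needing a PATH search */
        return -1;
    pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        execve(path, argv, envp);        /* returns only on failure */
        _exit(127);                      /* same convention a shell uses */
    }
    while (waitpid(pid, &status, 0) < 0) {
        if (errno != EINTR)
            return -1;
    }
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

/* File names travel as argv entries, so spaces and shell metacharacters
 * in them are never interpreted; "--" stops option parsing. */
int copy_file(const char *src, const char *dst)
{
    char *const argv[] = { "cp", "--", (char *)src, (char *)dst, NULL };
    return run_direct("/bin/cp", argv);
}

int remove_file(const char *path)
{
    char *const argv[] = { "rm", "-f", "--", (char *)path, NULL };
    return run_direct("/bin/rm", argv);
}

int main(void)
{
    /* Constructed demo path containing a space and a semicolon. */
    int c = copy_file("/bin/cp", "/tmp/cp copy;demo");
    int r = remove_file("/tmp/cp copy;demo");
    printf("cp exit=%d, rm exit=%d\n", c, r);
    return (c == 0 && r == 0) ? 0 : 1;
}
```

Inside a chroot jail the two binaries and any shared libraries they link against must exist under the jail root for the `execve` calls to succeed.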