Re: Run-as-admin warning for win32

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>
Cc: Magnus Hagander <mha(at)sollentuna(dot)net>, pgsql-patches(at)postgresql(dot)org
Subject: Re: Run-as-admin warning for win32
Date: 2004-05-04 04:43:32
Message-ID: 29639.1083645812@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-patches

Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> writes:
> Tom Lane wrote:
>> Why? If we refuse to run as root on Unix, I do not see an argument for
>> being more forgiving on Windows.

> I am not sure it is as easy to run as non-admin on Win32 as it is to run
> as non-root on Unix. Is it?

Ease of use has nothing to do with this. Given the demonstrated
security weaknesses of Windows, we would be completely irresponsible
to allow Postgres to be started in an obviously-insecure way on that
platform.

In other words, I do not wish to be the author of code that could become
the vector for the next SQL Slammer worm.

I am already deathly afraid of what the Windows port is likely to do
to Postgres' reputation for reliability and security. Do *not* get
me started by proposing that we insert obvious security holes on lame
"ease of use" grounds. Haven't the boys in Redmond already proven
the wrongness of those priorities many times over?

regards, tom lane

In response to

Responses

Browse pgsql-patches by date

  From Date Subject
Next Message Christopher Kings-Lynne 2004-05-04 04:52:03 Re: ceiling() and power() (SQL2003)
Previous Message Bruce Momjian 2004-05-04 04:31:15 Re: Run-as-admin warning for win32