| From: | "Magnus Hagander" <mha(at)sollentuna(dot)net> |
|---|---|
| To: | "Gary Doades" <gpd(at)gpdnet(dot)co(dot)uk>, <pgsql-hackers-win32(at)postgresql(dot)org> |
| Subject: | Re: initdb crash |
| Date: | 2004-07-04 12:37:00 |
| Message-ID: | 6BCB9D8A16AC4241919521715F4D8BCE34BDCE@algol.sollentuna.se |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers-win32 |
>> It will require READ permissions on the system directories,
>as well as
>> all the subdirs of the install directory (including bin, lib etc).
>>
>
>I guess this is another area that will have to be carefully
>explained to the Win32 user as
>a consequence of not allowing Administrator to run initdb/postmaster.
>
>I still don't see whats wrong with running as Administrator as
>long as TCPIP comms is
>not enabled. It should be possible to restrict connection only
>from the local PC if running
>as Administrator. This should not pose any security threat, should it?
Can't run without TCPIP on win32...
Anyway. It is a security threat in the way that it helps an indirect
attack. Say a SQL injection attack would suddenly give you local admin
instead of just an unpriv account. A lot better place to get started if
you want to take over a server...
//Magnus
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Gary Doades | 2004-07-04 12:52:24 | Re: initdb crash |
| Previous Message | Magnus Hagander | 2004-07-04 12:34:44 | Re: initdb crash |