From: | Magnus Hagander <magnus(at)hagander(dot)net> |
---|---|
To: | PG Subscriber <mypgsub(at)gmail(dot)com> |
Cc: | pgsql-general(at)postgresql(dot)org |
Subject: | Re: difficulty running pg on XP as appl. |
Date: | 2009-08-13 11:49:06 |
Message-ID: | 9837222c0908130449y27c47116g3c8ca269d9b8e73b@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
On Thu, Aug 13, 2009 at 13:21, PG Subscriber<mypgsub(at)gmail(dot)com> wrote:
> I'm on Windows XP SP 2, trying to run PostgreSQL 8.3.4.
>
> Running postgres.exe gives the error:
>
> "Execution of PostgreSQL by a user with administrative permissions is
> not permitted.
> The server must be started under an unprivileged user ID to prevent
> possible system security compromises. See the documentation for more
> information on how to properly start the server.
> "
>
>
> Now, at the postgres wiki it says:
> http://wiki.postgresql.org/wiki/Running_%26_Installing_PostgreSQL_On_Native_Windows#Why_do_I_need_a_non-administrator_account_to_run_PostgreSQL_under.3F
> " Why do I need a non-administrator account to run PostgreSQL under?
>
> When a hacker gains entry to a computer using a software bug in a
> package, she gains the permissions of the user account under which the
> service is run. Whilst we do not know of any such bugs in PostgreSQL, we
> enforce the use of a non-administrative service account to minimise the
> possible damage that a hacker could do should they find and utilise a
> bug in PostgreSQL to hack the system.
>
> This has long been common practice in the Unix world, and is starting to
> become standard practice in the Windows world as well as Microsoft and
> other vendors work to improve the security of their systems.
>
> Note, that with the release of PostgreSQL 8.2, it is possible to run
> under a administrative account. PostgreSQL 8.2 and above are able to
> irrevocably give up administrative rights at startup thus ensuring the
> rest of the system remains secure in the extremely unlikely event that
> PostgreSQL becomes compromised.
> "
>
>
> So, I'm running a recent enough version of pg, now how do I get it to
> drop Administrator privs so it will run, rather than give me an error?
> Is there some special command line -c option or something (I would have
> thought this would be outomatic, but evidently not)?
>
The privilege dropping functionality lives in pg_ctl, so it will only
work if you start the server through pg_ctl (or as a service).
--
Magnus Hagander
Me: http://www.hagander.net/
Work: http://www.redpill-linpro.com/
From | Date | Subject | |
---|---|---|---|
Next Message | Grzegorz Jaśkiewicz | 2009-08-13 12:23:00 | Re: 8.4.0 bug - failure to enforce a foreign key constraint |
Previous Message | Alban Hertroys | 2009-08-13 11:44:29 | Re: multiple paramters in aggregate function |