database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-08-12 15:23:02 +03:00
Code Activity

Prevent pg_ctl from being run as root. Since it uses configuration files

Browse Source 
owned by postgres, doing "pg_ctl start" as root could allow a privilege
escalation attack, as pointed out by iDEFENSE.  Of course the postmaster would
fail, but we ought to fail a little sooner to protect sysadmins unfamiliar
with Postgres.  The chosen fix is to disable root use of pg_ctl in all cases,
just to be confident there are no other holes.
This commit is contained in:
Tom Lane
2004-10-22 00:24:39 +00:00
parent 02571d4e20
commit 6acddf56b4
1 changed files with 9 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/bin/pg_ctl/pg_ctl.sh
View File

@@ -8,7 +8,7 @@
# #
# #
# IDENTIFICATION # IDENTIFICATION
# $Header: /cvsroot/pgsql/src/bin/pg_ctl/Attic/pg_ctl.sh,v 1.25 2001/09/29 03:09:32 momjian Exp $ # $Header: /cvsroot/pgsql/src/bin/pg_ctl/Attic/pg_ctl.sh,v 1.25.2.1 2004/10/22 00:24:39 tgl Exp $
# #
#------------------------------------------------------------------------- #-------------------------------------------------------------------------
@@ -109,6 +109,14 @@ fi
po_path="$PGPATH/postmaster" po_path="$PGPATH/postmaster"
if [ `$PGPATH/pg_id -u` -eq 0 ]
then
echo "$CMDNAME: cannot be run as root" 1>&2
echo "Please log in (using, e.g., \"su\") as the (unprivileged) user that will" 1>&2
echo "own the server process." 1>&2
exit 1
fi
wait= wait=
wait_seconds=60 wait_seconds=60
logfile= logfile=