Tom Lane wrote:
> (a) And there would be untrusted code running as postgres exactly
> why?
Because someone has cracked the PostgreSQL server.
> (b) Seems to me the real security bug here is the mere existence of
> that ioctl call.
Probably. I'm just pointing out the findings about the environment
we're operating in. The fact is that right now "run as postgres to
protect your root account" won't work on some systems and with
unfortunately written init scripts.
--
Peter Eisentraut
http://developer.postgresql.org/~petere/