=?UTF-8?Q?Juan_Jos=C3=A9_Santamar=C3=ADa_Flecha?= <juanjo.santamaria@gmail.com> writes:
> On Sat, Oct 26, 2019 at 7:44 PM Tom Lane <tgl@sss.pgh.pa.us> wrote:
>> Hm. I don't have any objection to using COMSPEC if it's set, but
>> of course that changes nothing from a security perspective. It's
>> just a different route by which pg_ctl, pg_upgrade, etc can be
>> misled.
> Please find attached a patch with this simple modification.
I poked around a bit for other references to cmd.exe. It looks
like psql's do_shell() is handling this correctly already, but should
we not also fix spawn_process() in src/test/regress/pg_regress.c ?
There are also a couple of references in pg_upgrade's test.sh,
but I don't feel a need to change those.
Another point that could be raised here: seeing that psql honors the
SHELL variable to substitute for /bin/sh, should these other programs
do likewise? I'm inclined to think not, because what psql is doing is
launching an interactive shell, so the user's shell preference should be
honored. In these other cases we want plain old Bourne shell thank you,
so ignoring SHELL seems correct. But it's worth thinking about, and
perhaps adding a comment about.
regards, tom lane