Re: libpq port number handling

Tom Lane wrote:
> Sam Mason <sam@samason.me.uk> writes:
>> +        if (portnum < 1 || portnum > 65535)
>
> BTW, it strikes me that we could tighten this even more by rejecting
> target ports below 1024.  This is guaranteed safe on all Unix systems
> I know of, because privileged ports can only be listened to by root-owned
> processes and we know the postmaster won't be one.

This is just an aside.

The recent Linux system allows to assign a part of root privileges (called
as capabilities) on a certain process.

 Example)
 # setcap cap_net_bind_service=ep /usr/local/pgsql/bin/postgres
     <-- it allows anyone to launch postmaster with cap_net_bind_service capability.

 $ pg_ctl -o "-i -p 100" start
 $ psql postgres -p 100
 psql (8.5devel)
 Type "help" for help.

 postgres=#

> Even if it's possible, do we want to allow it?

I cannot find any merits.

Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei <kaigai@ak.jp.nec.com>