Re: BUG #13755: pgwin32_is_service not checking if SECURITY_SERVICE_SID is disabled
От | MauMau |
---|---|
Тема | Re: BUG #13755: pgwin32_is_service not checking if SECURITY_SERVICE_SID is disabled |
Дата | |
Msg-id | 952A88FFCBDA419EB6D6556B6A8F29C1@tunaPC обсуждение исходный текст |
Ответы |
Re: BUG #13755: pgwin32_is_service not checking if
SECURITY_SERVICE_SID is disabled
|
Список | pgsql-hackers |
Hello, Sorry, I may have had to send this to pgsql-hackers. I just replied to all, which did not include pgsql-hackers but pgsql-bugs because this discussion was on pgsql-bugs. CommitFest app doesn't seem to reflect the mails on pgsql-bugs, so I'm re-submitting this here on pgsql-hackers. From: Michael Paquier (Moved to next CF, with same status "Ready for committer"). I reviewed and tested this patch after simplifying it like the attached one. The file could be reduced by about 110 lines. Please review and/or test it. Though I kept the status "ready for committer", feel free to change it back based on the result. I tested as follows. First, I confirmed that pg_is_admin() still works by running postgres.exe from the Administrator command line: -------------------------------------------------- G:\>postgres Execution of PostgreSQL by a user with administrative permissions is not permitted. The server must be started under an unprivileged user ID to prevent possible system security compromises. See the documentation for more information on how to properly start the server. G:\> -------------------------------------------------- Then, I added the following two elog() calls in postmaster.c so that pg_is_admin() and pg_is_service() works fine. -------------------------------------------------- maybe_start_bgworker(); elog(LOG, "pgwin32_is_admin = %d", pgwin32_is_admin()); elog(LOG, "pgwin32_is_service = %d", pgwin32_is_service()); status = ServerLoop(); -------------------------------------------------- To reproduce the OP's problem, I modified pg_ctl.c to disable SECURITY_SERVICE_RID when spawning postgres.exe. Without the patch, starting the Windows service emit the following log, showing that pg_is_service() misjudged that postgres is running as a Windows service: LOG: pgwin32_is_admin = 0 LOG: pgwin32_is_service = 1 With the patch, the log became correct: LOG: pgwin32_is_admin = 0 LOG: pgwin32_is_service = 0 Regards Takayuki Tsunakawa
Вложения
В списке pgsql-hackers по дате отправления: