Log Message:
-----------
Prevent pg_ctl from being run as root. Since it uses configuration files
owned by postgres, doing "pg_ctl start" as root could allow a privilege
escalation attack, as pointed out by iDEFENSE. Of course the postmaster would
fail, but we ought to fail a little sooner to protect sysadmins unfamiliar
with Postgres. The chosen fix is to disable root use of pg_ctl in all cases,
just to be confident there are no other holes.
Tags:
----
REL7_3_STABLE
Modified Files:
--------------
pgsql/src/bin/pg_ctl:
pg_ctl.sh (r1.30 -> r1.30.2.1)
(http://developer.postgresql.org/cvsweb.cgi/pgsql/src/bin/pg_ctl/pg_ctl.sh.diff?r1=1.30&r2=1.30.2.1)