Prevent pg_ctl from being run as root. Since it uses configuration files

Tom Lane <tgl@sss.pgh.pa.us>

Commit: 0b83c1f272165716d9c30911fbeab5dddca3ab18
Author: Tom Lane <tgl@sss.pgh.pa.us>
Date: 2004-10-22T00:24:33Z
Releases: 7.3.8
Prevent pg_ctl from being run as root.  Since it uses configuration files
owned by postgres, doing "pg_ctl start" as root could allow a privilege
escalation attack, as pointed out by iDEFENSE.  Of course the postmaster would
fail, but we ought to fail a little sooner to protect sysadmins unfamiliar
with Postgres.  The chosen fix is to disable root use of pg_ctl in all cases,
just to be confident there are no other holes.

Files

PathChange+/−
src/bin/pg_ctl/pg_ctl.sh modified +9 −1