On 13 June 2012 00:54, Amit Kapila <amit.kap...@huawei.com> wrote: >>> I note that "postgres -C data_directory" will refuse to run on the >>> command line because I've got admin privileges in Windows, and that >>> pg_ctl normally starts postgres.exe using CreateRestrictedProcess. >>> But it does not do so for the popen call in adjust_data_dir. > >> if that actually is a third bug, as seems likely, somebody with access >> to a windows environment will need to deal with it. > > I am able to reproduce this problem, "that pg_ctl throws error for > administrative user in the mentioned code path". > > One solution to this problem is that pg_ctl invoke itself in a restricted > mode, similar to initdb. > This will allow popen call to be successful in pg_ctl code path.
Perhaps an alternative solution is to get postgres to handle -C calls without checking if it's running as root. The command does not do much more than read the config file, print a value from it, and exit. Unfortunately in src/backend/main/main.c it only does a cursory check for --help and --version. So it would need to become a little more complicated to scan for -C options at that stage. It's not too much if you can assume -C always appears first like the other special options detected in that file. But you might not want to make an exception for -C. And I realise the check is a security feature, and it's best to err on the side of defensive programming and maintainability. Edmund. -- Sent via pgsql-bugs mailing list (pgsql-bugs@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-bugs
