* Tom Lane (t...@sss.pgh.pa.us) wrote:
> Stephen Frost <sfr...@snowman.net> writes:
> > * Tom Lane (t...@sss.pgh.pa.us) wrote:
> >> ... but I'm left with a policy question: should initdb disallow
> >> bootstrap superuser names like "pg_xxx"?
> >
> > On the whole, I'd vote to treat the bootstrap user as a normal role and
> > therefore have the same restriction in place for that user also.
>
> If we're going to enforce such a restriction, I think it would be
> a good thing for it to be in place in beta1.

Makes sense.  Patch attached.  I'll push this in a bit, barring
objections.

Thanks!

Stephen

From ae3ec5c409464612754cd36372a0fc2166bc2f62 Mon Sep 17 00:00:00 2001 From: Stephen Frost <sfr...@snowman.net> Date: Sun, 8 May 2016 08:35:16 -0400 Subject: [PATCH] Disallow superuser names starting with 'pg_' in initdb As with CREATE ROLE, disallow users from specifying initial superuser names which begin with 'pg_' in initdb. Per discussion with Tom. --- src/bin/initdb/initdb.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/bin/initdb/initdb.c b/src/bin/initdb/initdb.c index 299ddfe..7dedd8a 100644 --- a/src/bin/initdb/initdb.c +++ b/src/bin/initdb/initdb.c @@ -3562,6 +3562,12 @@ main(int argc, char *argv[]) if (strlen(username) == 0) username = effective_user; + if (strncmp(username, "pg_", 3) == 0) + { + fprintf(stderr, _("%s: superuser name \"%s\" is reserved; role names can not begin with 'pg_'\n"), progname, username); + exit(1); + } + printf(_("The files belonging to this database system will be owned " "by user \"%s\".\n" "This user must also own the server process.\n\n"), -- 2.5.0
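
Review bot: in the added block in main(), the check sits after "username = effective_user;", so it also fires when the name was defaulted from the effective OS user rather than supplied by the person running initdb. In that case the message "superuser name ... is reserved" refers to a name the user never typed; consider having the message say that a different superuser name must be specified explicitly. Two style points on the same block: the fprintf line runs well past the width of the surrounding code and could be wrapped the way the printf just below it is, and "can not" is more usually written "cannot". The diffstat shows only src/bin/initdb/initdb.c changed, so the new restriction is neither documented for initdb nor covered by a test in this patch.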