Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
Greenplum
Gpdb
提交
8407bb3c
G
Gpdb
项目概览
Greenplum
/
Gpdb
通知
7
Star
1
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
DevOps
流水线
流水线任务
计划
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
G
Gpdb
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
DevOps
DevOps
流水线
流水线任务
计划
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
流水线任务
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
8407bb3c
编写于
4月 21, 2001
作者:
T
Tom Lane
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Remove useless setuid() call, instead add a check that real and effective
userids are the same. Per today's pghackers discussion.
上级
9ae68190
变更
3
隐藏空白更改
内联
并排
Showing
3 changed file
with
42 addition
and
22 deletion
+42
-22
src/backend/main/main.c
src/backend/main/main.c
+38
-13
src/backend/utils/init/findbe.c
src/backend/utils/init/findbe.c
+1
-4
src/backend/utils/init/postinit.c
src/backend/utils/init/postinit.c
+3
-5
未找到文件。
src/backend/main/main.c
浏览文件 @
8407bb3c
...
...
@@ -13,7 +13,7 @@
*
*
* IDENTIFICATION
* $Header: /cvsroot/pgsql/src/backend/main/main.c,v 1.4
2 2001/03/22 03:59:30 momjian
Exp $
* $Header: /cvsroot/pgsql/src/backend/main/main.c,v 1.4
3 2001/04/21 18:29:29 tgl
Exp $
*
*-------------------------------------------------------------------------
*/
...
...
@@ -103,22 +103,46 @@ main(int argc, char *argv[])
*/
/*
* Make sure we are not running as root.
*
* BeOS currently runs everything as root :-(, so this check must be
* temporarily disabled there...
* Skip permission checks if we're just trying to do --help or --version;
* otherwise root will get unhelpful failure messages from initdb.
*/
#ifndef __BEOS__
if
(
!
(
argc
>
1
&&
(
strcmp
(
argv
[
1
],
"--help"
)
==
0
||
strcmp
(
argv
[
1
],
"-?"
)
==
0
||
strcmp
(
argv
[
1
],
"--version"
)
==
0
||
strcmp
(
argv
[
1
],
"-V"
)
==
0
))
&&
(
geteuid
()
==
0
))
&&
(
strcmp
(
argv
[
1
],
"--help"
)
==
0
||
strcmp
(
argv
[
1
],
"-?"
)
==
0
||
strcmp
(
argv
[
1
],
"--version"
)
==
0
||
strcmp
(
argv
[
1
],
"-V"
)
==
0
)))
{
fprintf
(
stderr
,
"%s"
,
NOROOTEXEC
);
exit
(
1
);
}
/*
* Make sure we are not running as root.
*
* BeOS currently runs everything as root :-(, so this check must be
* temporarily disabled there...
*/
#ifndef __BEOS__
if
(
geteuid
()
==
0
)
{
fprintf
(
stderr
,
"%s"
,
NOROOTEXEC
);
exit
(
1
);
}
#endif
/* __BEOS__ */
/*
* Also make sure that real and effective uids are the same.
* Executing Postgres as a setuid program from a root shell is a
* security hole, since on many platforms a nefarious subroutine could
* setuid back to root if real uid is root. (Since nobody actually
* uses Postgres as a setuid program, trying to actively fix this
* situation seems more trouble than it's worth; we'll just expend the
* effort to check for it.)
*/
if
(
getuid
()
!=
geteuid
())
{
fprintf
(
stderr
,
"%s: real and effective userids must match
\n
"
,
argv
[
0
]);
exit
(
1
);
}
}
/*
* Set up locale information from environment, in only the categories
* needed by Postgres; leave other categories set to default "C".
...
...
@@ -162,7 +186,8 @@ main(int argc, char *argv[])
pw
=
getpwuid
(
geteuid
());
if
(
pw
==
NULL
)
{
fprintf
(
stderr
,
"%s: invalid current euid"
,
argv
[
0
]);
fprintf
(
stderr
,
"%s: invalid current euid %d
\n
"
,
argv
[
0
],
(
int
)
geteuid
());
exit
(
1
);
}
/* Allocate new memory because later getpwuid() calls can overwrite it */
...
...
src/backend/utils/init/findbe.c
浏览文件 @
8407bb3c
...
...
@@ -7,7 +7,7 @@
*
*
* IDENTIFICATION
* $Header: /cvsroot/pgsql/src/backend/utils/init/Attic/findbe.c,v 1.2
0 2001/01/24 19:43:15 momjian
Exp $
* $Header: /cvsroot/pgsql/src/backend/utils/init/Attic/findbe.c,v 1.2
1 2001/04/21 18:29:29 tgl
Exp $
*
*-------------------------------------------------------------------------
*/
...
...
@@ -93,9 +93,6 @@ ValidateBinary(char *path)
/*
* Ensure that the file is both executable and readable (required for
* dynamic loading).
*
* We use the effective uid here because the backend will not have
* executed setuid() by the time it calls this routine.
*/
euid
=
geteuid
();
if
(
euid
==
buf
.
st_uid
)
...
...
src/backend/utils/init/postinit.c
浏览文件 @
8407bb3c
...
...
@@ -8,7 +8,7 @@
*
*
* IDENTIFICATION
* $Header: /cvsroot/pgsql/src/backend/utils/init/postinit.c,v 1.8
3 2001/03/22 06:16:18 momjian
Exp $
* $Header: /cvsroot/pgsql/src/backend/utils/init/postinit.c,v 1.8
4 2001/04/21 18:29:29 tgl
Exp $
*
*
*-------------------------------------------------------------------------
...
...
@@ -335,16 +335,14 @@ InitPostgres(const char *dbname, const char *username)
LockDisable
(
true
);
/*
*
Set ourselves to the proper user id and figure out our postgres
*
user id
.
*
Figure out our postgres user id. If bootstrapping, we can't
*
assume that pg_shadow exists yet, so fake it
.
*/
if
(
bootstrap
)
SetSessionUserId
(
geteuid
());
else
SetSessionUserIdFromUserName
(
username
);
setuid
(
geteuid
());
/*
* Unless we are bootstrapping, double-check that InitMyDatabaseInfo()
* got a correct result. We can't do this until all the
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录