Remove backend output redirection in initdb
The --backend_output parameter was used to redirect output from initdb
executing the backend during probing to a separate logfile. This log
was then appended to the main initdb log in case of errors. Blindly
passing user parameters to system() is however problematic, as it will
execute any arbitrary commands passed. The below example will redir
the output and also execute echo.
./bin/initdb -D data --backend_output="/tmp/out.log\" 2>&1; echo \"a"
There is no privilege escalation in initdb, so there is no security
angle to this, but it's still a less than desirable capability. Fix by
removing the parameter altogether (this feature does not exist in
upstream).
Reviewed-by: NJacob Champion <pchampion@pivotal.io>
Showing
想要评论请 注册 或 登录