77 *
88 *
99 * IDENTIFICATION
10- * $Header: /cvsroot/pgsql/src/backend/main/main.c,v 1.2 1996/11/08 05:56:27 momjian Exp $
10+ * $Header: /cvsroot/pgsql/src/backend/main/main.c,v 1.3 1996/11/14 20:49:09 scrappy Exp $
1111 *
1212 *-------------------------------------------------------------------------
1313 */
14+ #include <stdio.h>
1415#include <string.h>
16+ #include <unistd.h>
1517#include "postgres.h"
1618#include "miscadmin.h"
1719#include "bootstrap/bootstrap.h" /* for BootstrapMain() */
1820#include "tcop/tcopprot.h" /* for PostgresMain() */
1921#include "port-protos.h" /* for init_address_fixup() */
2022
23+ #define NOROOTEXEC "\
24+ \n\"root\" execution of the PostgreSQL backend is not permitted\n\n\
25+ It is highly recommended that the backend be started under it's own userid\n\
26+ to prevent possible system security compromise. This can be accomplished\n\
27+ by placing the following command in the PostgreSQL startup script.\n\n\
28+ echo \"postmaster -B 256 >/var/log/pglog 2>&1 &\" | su - postgres\n\n"
29+
2130int
2231main (int argc ,char * argv [])
2332{
@@ -33,6 +42,12 @@ main(int argc, char *argv[])
3342/* use one executable for both postgres and postmaster,
3443 invoke one or the other depending on the name of the executable */
3544len = strlen (argv [0 ]);
45+
46+ if (!geteuid ()) {
47+ fprintf (stderr ,"%s" ,NOROOTEXEC );
48+ exit (1 );
49+ }
50+
3651if (len >=10 && !strcmp (argv [0 ]+ len - 10 ,"postmaster" ))
3752exit (PostmasterMain (argc ,argv ));
3853