Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit7bae0ad

Browse files
committed
Prevent running pg_basebackup as root
Similarly to pg_upgrade, pg_ctl and initdb, a root user is able to use--version and --help, but cannot execute the actual operation to avoidthe creation of files with permissions incompatible with thepostmaster.This is a behavior change, so not back-patching is done.Author: Ian BarwickDiscussion:https://postgr.es/m/CABvVfJVqOdD2neLkYdygdOHvbWz_5K_iWiqY+psMfA=FeAa3qQ@mail.gmail.com
1 parent93745f1 commit7bae0ad

File tree

1 file changed

+16
-0
lines changed

1 file changed

+16
-0
lines changed

‎src/bin/pg_basebackup/pg_basebackup.c

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2077,6 +2077,22 @@ main(int argc, char **argv)
20772077
}
20782078
}
20792079

2080+
/*
2081+
* Don't allow pg_basebackup to be run as root, to avoid creating files in
2082+
* the data directory with ownership rights incompatible with the
2083+
* postmaster.
2084+
*/
2085+
#ifndefWIN32
2086+
if (geteuid()==0)/* 0 is root's uid */
2087+
{
2088+
pg_log_error("cannot be run as root");
2089+
fprintf(stderr,
2090+
_("Please log in (using, e.g., \"su\") as the (unprivileged) user that will\n"
2091+
"own the server process.\n"));
2092+
exit(1);
2093+
}
2094+
#endif
2095+
20802096
atexit(cleanup_directories_atexit);
20812097

20822098
while ((c=getopt_long(argc,argv,"CD:F:r:RS:T:X:l:nNzZ:d:c:h:p:U:s:wWkvP",

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp