Tom Lane wrote: > (a) And there would be untrusted code running as postgres exactly > why?
Because someone has cracked the PostgreSQL server. > (b) Seems to me the real security bug here is the mere existence of > that ioctl call. Probably. I'm just pointing out the findings about the environment we're operating in. The fact is that right now "run as postgres to protect your root account" won't work on some systems and with unfortunately written init scripts. -- Peter Eisentraut http://developer.postgresql.org/~petere/ ---------------------------(end of broadcast)--------------------------- TIP 4: Don't 'kill -9' the postmaster