> > Fine. I just wanted to make sure the decision was being made in terms
> > of logic, rather than Win32 cruft avoidance. The previous discussion
> > was not clear on this point.
>
> I just came across another problem with this patch. It's not complete :(
>
> You can *run* postgresql fine with it, but you can't run initdb. Oops.
>
> I'll look at completing it with an update to initdb. There's nothing
> *wrong* with the patch that's in the queue now (that I know of, of
> course), so this is just an extension to it.

Attached is a patch for initdb only (the other patch stands unchanged).

It will make initdb re-exec itself with a restricted token when available (since we can only control the security of subprocesses).

There's a bit of shared code with pg_ctl (but not all of the exec stuff, because there is no need for a job object for initdb). I'm unsure if it's worth putting something in src/port instead for it, so this version doesn't.

//Magnus

initdb_restricted.patch
