From 75e39c441eacfb89d4dbfd429a3bef432ed6126c Mon Sep 17 00:00:00 2001 From: Neil Conway Date: Tue, 14 Dec 2004 01:59:41 +0000 Subject: [PATCH] Prevent pg_resetxlog from being run as root. If this is allowed, some root-owned files will be written to the data directory, leaving it in an unusable state. --- src/bin/pg_resetxlog/pg_resetxlog.c | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/src/bin/pg_resetxlog/pg_resetxlog.c b/src/bin/pg_resetxlog/pg_resetxlog.c index 720c28f126..e3ff074c66 100644 --- a/src/bin/pg_resetxlog/pg_resetxlog.c +++ b/src/bin/pg_resetxlog/pg_resetxlog.c @@ -23,7 +23,7 @@ * Portions Copyright (c) 1996-2004, PostgreSQL Global Development Group * Portions Copyright (c) 1994, Regents of the University of California * - * $PostgreSQL: pgsql/src/bin/pg_resetxlog/pg_resetxlog.c,v 1.25 2004/11/17 21:37:47 tgl Exp $ + * $PostgreSQL: pgsql/src/bin/pg_resetxlog/pg_resetxlog.c,v 1.26 2004/12/14 01:59:41 neilc Exp $ * *------------------------------------------------------------------------- */ @@ -176,6 +176,25 @@ main(int argc, char *argv[]) exit(1); } + /* + * Don't allow pg_resetxlog to be run as root, to avoid + * overwriting the ownership of files in the data directory. We + * need only check for root -- any other user won't have + * sufficient permissions to modify files in the data directory. + */ +#ifndef WIN32 +#ifndef __BEOS__ /* no root check on BeOS */ + if (geteuid() == 0) + { + fprintf(stderr, _("%s: cannot be executed by \"root\"\n"), + progname); + fprintf(stderr, _("You must run %s as the PostgreSQL superuser.\n"), + progname); + exit(1); + } +#endif +#endif + DataDir = argv[optind]; snprintf(XLogDir, MAXPGPATH, "%s/pg_xlog", DataDir); snprintf(ControlFilePath, MAXPGPATH, "%s/global/pg_control", DataDir); -- 2.40.0