owned by postgres, doing "pg_ctl start" as root could allow a privilege
escalation attack, as pointed out by iDEFENSE. Of course the postmaster would
fail, but we ought to fail a little sooner to protect sysadmins unfamiliar
with Postgres. The chosen fix is to disable root use of pg_ctl in all cases,
just to be confident there are no other holes.
C:\msys\1.0\home\y-asaba>pg_ctl -D data restart
waiting for postmaster to shut down...LOG: received smart shutdown
request.
LOG: shutting down
LOG: database system is shut down
done
postmaster stopped
postmaster starting
C:\msys\1.0\home\y-asaba>postmaster.exe: invalid argument: "'-D'"
Try "postmaster.exe --help" for more information.
Yoshiyuki Asaba
- refactor a bunch of code to call a separate function print_msg() which
checks whether "silent mode" is enabled before printing an error
message.
- rename "silence_mode" to "silent_mode", which IMHO makes more sense
- make the error messages we emit in "waiting" mode more consistent; I
believe this fixes a recent error message regression
- replace some function signatures of the form "some_type foo()" with
"some_type foo(void)"
- replace a few instances of a literal 0 being used as a NULL pointer;
there are more instances of this in the code, but I just fixed a few
- in src/backend/utils/mb/wstrncmp.c, replace K&R style function
declarations with ANSI style, remove use of 'register' keyword
- remove an "extern" modifier that was applied to a function definition
(rather than a declaration)
PROMPT2 and PROMPT3 variables before we read any of the settings specified
via the user on the command-line or in psqlrc, so that the latter can
override the former. Per original patch from Ingo van Lil, simpler fix
suggested by Tom Lane.