rdelaage/postgresql
1
0
Fork 0
mirror of https://git.postgresql.org/git/postgresql.git synced 2024-08-28 23:47:20 +02:00
Code Issues Packages Projects Releases Wiki Activity
41,528 Commits 36 Branches 606 Tags 423 MiB
C 86%
PLpgSQL 5.5%
Perl 4.1%
Yacc 1.3%
Makefile 0.7%
Other 2.3%
b7d6f75072
Go to file
Noah Misch b7d6f75072 start-scripts: switch to $PGUSER before opening $PGLOG. 
By default, $PGUSER has permission to unlink $PGLOG.  If $PGUSER
replaces $PGLOG with a symbolic link, the server will corrupt the
link-targeted file by appending log messages.  Since these scripts open
$PGLOG as root, the attack works regardless of target file ownership.

"make install" does not install these scripts anywhere.  Users having
manually installed them in the past should repeat that process to
acquire this fix.  Most script users have $PGLOG writable to root only,
located in $PGDATA.  Just before updating one of these scripts, such
users should rename $PGLOG to $PGLOG.old.  The script will then recreate
$PGLOG with proper ownership.

Reviewed by Peter Eisentraut.  Reported by Antoine Scemama.

Security: CVE-2017-12172
2017-11-06 07:11:13 -08:00
config Absorb -D_USE_32BIT_TIME_T switch from Perl, if relevant. 2017-08-14 11:48:59 -04:00
contrib start-scripts: switch to $PGUSER before opening $PGLOG. 2017-11-06 07:11:13 -08:00
doc Release notes for 10.1, 9.6.6, 9.5.10, 9.4.15, 9.3.20, 9.2.24. 2017-11-05 13:47:56 -05:00
src Always require SELECT permission for ON CONFLICT DO UPDATE. 2017-11-06 09:16:24 +00:00
.dir-locals.el emacs: Set indent-tabs-mode in perl-mode 2015-04-12 23:53:23 -04:00
.gitattributes Fix whitespace and remove obsolete gitattributes entry 2016-03-13 16:03:13 -04:00
.gitignore Add .gitignore entries for AIX-specific intermediate build artifacts. 2015-07-08 20:44:22 -04:00
aclocal.m4 Replace our hacked version of ax_pthread.m4 with latest upstream version. 2015-07-08 20:36:06 +03:00
configure Avoid SIGBUS on Linux when a DSM memory request overruns tmpfs. 2017-09-25 16:09:20 -04:00
configure.in Avoid SIGBUS on Linux when a DSM memory request overruns tmpfs. 2017-09-25 16:09:20 -04:00
COPYRIGHT Update copyright for 2017 2017-01-03 12:37:53 -05:00
GNUmakefile.in Fix distclean/maintainer-clean targets to remove top-level tmp_install dir. 2015-05-13 18:48:05 -04:00
HISTORY Change documentation references to PG website to use https: not http: 2017-05-20 21:50:47 -04:00
Makefile Prevent passing down MAKELEVEL/MAKEFLAGS from non-GNU make to GNU make. 2017-08-09 12:06:08 -04:00
README Change documentation references to PG website to use https: not http: 2017-05-20 21:50:47 -04:00
README.git Change documentation references to PG website to use https: not http: 2017-05-20 21:50:47 -04:00

README 

PostgreSQL Database Management System
=====================================

This directory contains the source code distribution of the PostgreSQL
database management system.

PostgreSQL is an advanced object-relational database management system
that supports an extended subset of the SQL standard, including
transactions, foreign keys, subqueries, triggers, user-defined types
and functions.  This distribution also contains C language bindings.

PostgreSQL has many language interfaces, many of which are listed here:

	https://www.postgresql.org/download

See the file INSTALL for instructions on how to build and install
PostgreSQL.  That file also lists supported operating systems and
hardware platforms and contains information regarding any other
software packages that are required to build or run the PostgreSQL
system.  Copyright and license information can be found in the
file COPYRIGHT.  A comprehensive documentation set is included in this
distribution; it can be read as described in the installation
instructions.

The latest version of this software may be obtained at
https://www.postgresql.org/download/.  For more information look at our
web site located at https://www.postgresql.org/.