Prevent pg_resetxlog from being run as root. If this is allowed, some
authorNeil Conway <neilc@samurai.com>
Tue, 14 Dec 2004 01:59:41 +0000 (01:59 +0000)
committerNeil Conway <neilc@samurai.com>
Tue, 14 Dec 2004 01:59:41 +0000 (01:59 +0000)
root-owned files will be written to the data directory, leaving it in an
unusable state.

src/bin/pg_resetxlog/pg_resetxlog.c

index db307f989dfee8cf89010d92f5c082ab5641a28f..41ab6bb1cc9eca2927f5e184282e779fdfce2de0 100644 (file)
@@ -176,6 +176,25 @@ main(int argc, char *argv[])
                exit(1);
        }
 
+       /*
+        * Don't allow pg_resetxlog to be run as root, to avoid
+        * overwriting the ownership of files in the data directory. We
+        * need only check for root -- any other user won't have
+        * sufficient permissions to modify files in the data directory.
+        */
+#ifndef WIN32
+#ifndef __BEOS__                               /* no root check on BeOS */
+       if (geteuid() == 0)
+       {
+               fprintf(stderr, _("%s: cannot be executed by \"root\"\n"),
+                               progname);
+               fprintf(stderr, _("You must run %s as the PostgreSQL superuser.\n"),
+                               progname);
+               exit(1);
+       }
+#endif
+#endif
+
        DataDir = argv[optind];
        snprintf(XLogDir, MAXPGPATH, "%s/pg_xlog", DataDir);
        snprintf(ControlFilePath, MAXPGPATH, "%s/global/pg_control", DataDir);
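Review bot: The comment at the top of the new block overstates its case: "any other user won't have sufficient permissions" is only true when the data directory is owned by the cluster account with restrictive modes, so the check really targets the one failure mode named in the commit message (root-owned files left behind), not unauthorized use. Suggest rewording the last two comment lines to `* We only reject root: other users normally lack write permission on the data directory, and any files they do create would not change ownership away from the cluster owner.` Testing `geteuid()` rather than `getuid()` is the right choice here, since files created by the process take the effective uid as owner, and it may be worth a short remark saying so. main() continues past both ends of this hunk, so I cannot see whether a later step verifies that DataDir itself is owned by the current effective user, which would catch the same problem for a non-root account that merely has write access.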