owned by postgres, doing "pg_ctl start" as root could allow a privilege
escalation attack, as pointed out by iDEFENSE. Of course the postmaster would
fail, but we ought to fail a little sooner to protect sysadmins unfamiliar
with Postgres. The chosen fix is to disable root use of pg_ctl in all cases,
just to be confident there are no other holes.
C:\msys\1.0\home\y-asaba>pg_ctl -D data restart
waiting for postmaster to shut down...LOG: received smart shutdown
request.
LOG: shutting down
LOG: database system is shut down
done
postmaster stopped
postmaster starting
C:\msys\1.0\home\y-asaba>postmaster.exe: invalid argument: "'-D'"
Try "postmaster.exe --help" for more information.
Yoshiyuki Asaba
- refactor a bunch of code to call a separate function print_msg() which
checks whether "silent mode" is enabled before printing an error
message.
- rename "silence_mode" to "silent_mode", which IMHO makes more sense
- make the error messages we emit in "waiting" mode more consistent; I
believe this fixes a recent error message regression
- replace some function signatures of the form "some_type foo()" with
"some_type foo(void)"
- replace a few instances of a literal 0 being used as a NULL pointer;
there are more instances of this in the code, but I just fixed a few
- in src/backend/utils/mb/wstrncmp.c, replace K&R style function
declarations with ANSI style, remove use of 'register' keyword
- remove an "extern" modifier that was applied to a function definition
(rather than a declaration)
PROMPT2 and PROMPT3 variables before we read any of the settings specified
via the user on the command-line or in psqlrc, so that the latter can
override the former. Per original patch from Ingo van Lil, simpler fix
suggested by Tom Lane.
the startup banner. This allows "\set QUIET on" in psqlrc to do what the
user probably intended. Patch from Sean Chittenden, editorializing from
Neil Conway.
