postgrespro
diff --git a/‎src/backend/bootstrap/bootstrap.c
Lines changed: 8 additions & 10 deletions b/‎src/backend/bootstrap/bootstrap.c
Lines changed: 8 additions & 10 deletions
diff --git a/‎src/backend/main/main.c
Lines changed: 22 additions & 16 deletions b/‎src/backend/main/main.c
Lines changed: 22 additions & 16 deletions
diff --git a/‎src/backend/nls.mk
Lines changed: 2 additions & 2 deletions b/‎src/backend/nls.mk
Lines changed: 2 additions & 2 deletions
diff --git a/‎src/backend/port/win32/Makefile
Lines changed: 2 additions & 2 deletions b/‎src/backend/port/win32/Makefile
Lines changed: 2 additions & 2 deletions
diff --git a/‎src/backend/port/win32/security.c
Lines changed: 184 additions & 0 deletions b/‎src/backend/port/win32/security.c
Lines changed: 184 additions & 0 deletions
@@ -8,7 +8,7 @@
  * Portions Copyright (c) 1994, Regents of the University of California
  *
  * IDENTIFICATION
- *	  $PostgreSQL: pgsql/src/backend/bootstrap/bootstrap.c,v 1.184 2004/06/06 00:41:26 tgl Exp $
+ *	  $PostgreSQL: pgsql/src/backend/bootstrap/bootstrap.c,v 1.185 2004/06/24 21:02:24 tgl Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -328,12 +328,11 @@ BootstrapMain(int argc, char *argv[])
 	{
 		if (!potential_DataDir)
 		{
-			fprintf(stderr,
-					gettext("%s does not know where to find the database system data.\n"
-							"You must specify the directory that contains the database system\n"
-							"either by specifying the -D invocation option or by setting the\n"
-							"PGDATA environment variable.\n"),
-					argv[0]);
+			write_stderr("%s does not know where to find the database system data.\n"
+						 "You must specify the directory that contains the database system\n"
+						 "either by specifying the -D invocation option or by setting the\n"
+						 "PGDATA environment variable.\n",
+						 argv[0]);
 			proc_exit(1);
 		}
 		SetDataDir(potential_DataDir);
@@ -503,15 +502,14 @@ BootstrapMain(int argc, char *argv[])
 static void
 usage(void)
 {
-	fprintf(stderr,
-			gettext("Usage:\n"
+	write_stderr("Usage:\n"
 					"  postgres -boot [OPTION]... DBNAME\n"
 					"  -c NAME=VALUE    set run-time parameter\n"
 					"  -d 1-5           debug level\n"
 					"  -D datadir       data directory\n"
 					"  -F               turn off fsync\n"
 					"  -o file          send debug output to file\n"
-					"  -x num           internal use\n"));
+					"  -x num           internal use\n");
 
 	proc_exit(1);
 }
 
@@ -13,7 +13,7 @@
  *
  *
  * IDENTIFICATION
- *	  $PostgreSQL: pgsql/src/backend/main/main.c,v 1.86 2004/06/03 00:07:36 momjian Exp $
+ *	  $PostgreSQL: pgsql/src/backend/main/main.c,v 1.87 2004/06/24 21:02:33 tgl Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -91,8 +91,8 @@ main(int argc, char *argv[])
 #if defined(__alpha)			/* no __alpha__ ? */
 	if (setsysinfo(SSI_NVPAIRS, buffer, 1, (caddr_t) NULL,
 				   (unsigned long) NULL) < 0)
-		fprintf(stderr, gettext("%s: setsysinfo failed: %s\n"),
-				argv[0], strerror(errno));
+		write_stderr("%s: setsysinfo failed: %s\n",
+					 argv[0], strerror(errno));
 #endif
 #endif   /* NOFIXADE || NOPRINTADE */
 
@@ -109,7 +109,7 @@ main(int argc, char *argv[])
 		err = WSAStartup(MAKEWORD(2, 2), &wsaData);
 		if (err != 0)
 		{
-			fprintf(stderr, "%s: WSAStartup failed: %d\n",
+			write_stderr("%s: WSAStartup failed: %d\n",
 					argv[0], err);
 			exit(1);
 		}
@@ -212,12 +212,10 @@ main(int argc, char *argv[])
 		 */
 		if (geteuid() == 0)
 		{
-			fprintf(stderr,
-					gettext("\"root\" execution of the PostgreSQL server is not permitted.\n"
-							"The server must be started under an unprivileged user ID to prevent\n"
-							"possible system security compromise.  See the documentation for\n"
-				"more information on how to properly start the server.\n"
-							));
+			write_stderr("\"root\" execution of the PostgreSQL server is not permitted.\n"
+						 "The server must be started under an unprivileged user ID to prevent\n"
+						 "possible system security compromise.  See the documentation for\n"
+						 "more information on how to properly start the server.\n");
 			exit(1);
 		}
 #endif   /* !__BEOS__ */
@@ -233,9 +231,17 @@ main(int argc, char *argv[])
 		 */
 		if (getuid() != geteuid())
 		{
-			fprintf(stderr,
-				 gettext("%s: real and effective user IDs must match\n"),
-					argv[0]);
+			write_stderr("%s: real and effective user IDs must match\n",
+						 argv[0]);
+			exit(1);
+		}
+#else /* WIN32 */
+		if (pgwin32_is_admin())
+		{
+			write_stderr("execution of PostgreSQL by a user with administrative permissions is not permitted.\n"
+						 "The server must be started under an unprivileged user ID to prevent\n"
+						 "possible system security compromise.  See the documentation for\n"
+						 "more information on how to properly start the server.\n");
 			exit(1);
 		}
 #endif   /* !WIN32 */
@@ -292,8 +298,8 @@ main(int argc, char *argv[])
 	pw = getpwuid(geteuid());
 	if (pw == NULL)
 	{
-		fprintf(stderr, gettext("%s: invalid effective UID: %d\n"),
-				argv[0], (int) geteuid());
+		write_stderr("%s: invalid effective UID: %d\n",
+					 argv[0], (int) geteuid());
 		exit(1);
 	}
 	/* Allocate new memory because later getpwuid() calls can overwrite it */
@@ -305,7 +311,7 @@ main(int argc, char *argv[])
 		pw_name_persist = malloc(namesize);
 		if (!GetUserName(pw_name_persist, &namesize))
 		{
-			fprintf(stderr, gettext("%s: could not determine user name (GetUserName failed)\n"),
+			write_stderr("%s: could not determine user name (GetUserName failed)\n",
 					argv[0]);
 			exit(1);
 		}
 
@@ -1,10 +1,10 @@
-# $PostgreSQL: pgsql/src/backend/nls.mk,v 1.12 2004/06/10 17:10:24 petere Exp $
+# $PostgreSQL: pgsql/src/backend/nls.mk,v 1.13 2004/06/24 21:02:40 tgl Exp $
 CATALOG_NAME	:= postgres
 AVAIL_LANGUAGES	:= af cs de es hr hu it nb pt_BR ru sv tr zh_CN zh_TW
 GETTEXT_FILES	:= + gettext-files
 # you can add "elog:2" and "errmsg_internal" to this list if you want to
 # include internal messages in the translation list.
-GETTEXT_TRIGGERS:= errmsg errdetail errhint errcontext postmaster_error yyerror
+GETTEXT_TRIGGERS:= errmsg errdetail errhint errcontext write_stderr yyerror
 
 gettext-files: distprep
 	find $(srcdir)/ -name '*.c' -print >$@
 
@@ -4,15 +4,15 @@
 #    Makefile for port/win32
 #
 # IDENTIFICATION
-#    $PostgreSQL: pgsql/src/backend/port/win32/Makefile,v 1.4 2004/04/12 16:19:18 momjian Exp $
+#    $PostgreSQL: pgsql/src/backend/port/win32/Makefile,v 1.5 2004/06/24 21:02:42 tgl Exp $
 #
 #-------------------------------------------------------------------------
 
 subdir = src/backend/port/win32
 top_builddir = ../../../..
 include $(top_builddir)/src/Makefile.global
 
-OBJS = sema.o shmem.o timer.o socket.o signal.o
+OBJS = sema.o shmem.o timer.o socket.o signal.o security.o
 
 all: SUBSYS.o
 
 
@@ -0,0 +1,184 @@
+/*-------------------------------------------------------------------------
+ *
+ * security.c
+ *    Microsoft Windows Win32 Security Support Functions
+ *
+ * Portions Copyright (c) 1996-2003, PostgreSQL Global Development Group
+ *
+ * IDENTIFICATION
+ *	  $PostgreSQL: pgsql/src/backend/port/win32/security.c,v 1.1 2004/06/24 21:02:42 tgl Exp $
+ *
+ *-------------------------------------------------------------------------
+ */
+
+#include "postgres.h"
+
+
+/*
+ * Returns nonzero if the current user has administrative privileges,
+ * or zero if not.
+ *
+ * Note: this cannot use ereport() because it's called too early during
+ * startup.
+ */
+int
+pgwin32_is_admin(void)
+{
+	HANDLE AccessToken;
+	UCHAR InfoBuffer[1024];
+	PTOKEN_GROUPS Groups = (PTOKEN_GROUPS)InfoBuffer; 
+	DWORD InfoBufferSize;
+	PSID AdministratorsSid;
+	PSID PowerUsersSid;
+	SID_IDENTIFIER_AUTHORITY NtAuthority = { SECURITY_NT_AUTHORITY }; 
+	UINT x;
+	BOOL success;
+	
+	if(!OpenProcessToken(GetCurrentProcess(),TOKEN_READ,&AccessToken))
+	{
+		write_stderr("failed to open process token: %d\n",
+					 (int)GetLastError());
+		exit(1);
+	}
+
+	if (!GetTokenInformation(AccessToken,TokenGroups,InfoBuffer,
+							 1024, &InfoBufferSize))
+	{
+		write_stderr("failed to get token information: %d\n",
+					 (int)GetLastError());
+		exit(1);
+	}
+
+	CloseHandle(AccessToken);
+
+	if(!AllocateAndInitializeSid(&NtAuthority, 2,
+								 SECURITY_BUILTIN_DOMAIN_RID,DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0, 0,
+								 0,&AdministratorsSid))
+	{
+		write_stderr("failed to get SID for Administrators group: %d\n",
+					 (int)GetLastError());
+		exit(1);
+	}
+
+	if (!AllocateAndInitializeSid(&NtAuthority, 2,
+								  SECURITY_BUILTIN_DOMAIN_RID,DOMAIN_ALIAS_RID_POWER_USERS, 0, 0, 0, 0, 0,
+								  0, &PowerUsersSid))
+	{
+		write_stderr("failed to get SID for PowerUsers group: %d\n",
+					 (int)GetLastError());
+		exit(1);
+	}
+	
+	success = FALSE;
+	
+	for (x=0; x<Groups->GroupCount; x++)
+	{
+		if (EqualSid(AdministratorsSid, Groups->Groups[x].Sid) ||
+			EqualSid(PowerUsersSid, Groups->Groups[x].Sid))
+		{
+			success = TRUE;
+			break;
+		}
+	}
+	
+	FreeSid(AdministratorsSid);
+	FreeSid(PowerUsersSid);
+	return success;
+}
+
+/*
+ * We consider ourselves running as a service if one of the following is
+ * true:
+ *
+ * 1) We are running as Local System (only used by services)
+ * 2) Our token contains SECURITY_SERVICE_RID (automatically added to the
+ *    process token by the SCM when starting a service)
+ *
+ * Return values:
+ *   0 = Not service
+ *   1 = Service
+ *  -1 = Error
+ *
+ * Note: we can't report errors via either ereport (we're called too early)
+ * or write_stderr (because that calls this).  We are therefore reduced to
+ * writing directly on stderr, which sucks, but we have few alternatives.
+ */
+int
+pgwin32_is_service(void)
+{
+	static int _is_service = -1;
+	HANDLE AccessToken;
+	UCHAR InfoBuffer[1024];
+	PTOKEN_GROUPS Groups = (PTOKEN_GROUPS)InfoBuffer;
+	PTOKEN_USER User = (PTOKEN_USER)InfoBuffer;
+	DWORD InfoBufferSize;
+	PSID ServiceSid;
+	PSID LocalSystemSid;
+	SID_IDENTIFIER_AUTHORITY NtAuthority = { SECURITY_NT_AUTHORITY }; 
+	UINT x;
+
+	/* Only check the first time */
+	if (_is_service != -1)
+		return _is_service;
+	
+	if (!OpenProcessToken(GetCurrentProcess(),TOKEN_READ,&AccessToken)) {
+		fprintf(stderr,"failed to open process token: %d\n",
+				(int)GetLastError());
+		return -1;
+	}
+
+	/* First check for local system */
+	if (!GetTokenInformation(AccessToken,TokenUser,InfoBuffer,1024,&InfoBufferSize)) {
+		fprintf(stderr,"failed to get token information: %d\n",
+				(int)GetLastError());
+		return -1;
+	}
+	
+	if (!AllocateAndInitializeSid(&NtAuthority,1,
+								  SECURITY_LOCAL_SYSTEM_RID,0,0,0,0,0,0,0,
+								  &LocalSystemSid)) {
+		fprintf(stderr,"failed to get SID for local system account\n");
+		CloseHandle(AccessToken);
+		return -1;
+	}
+
+	if (EqualSid(LocalSystemSid, User->User.Sid)) {
+		FreeSid(LocalSystemSid);
+		CloseHandle(AccessToken);
+		_is_service = 1;
+		return _is_service;
+	}
+
+	FreeSid(LocalSystemSid);
+
+	/* Now check for group SID */
+	if (!GetTokenInformation(AccessToken,TokenGroups,InfoBuffer,1024,&InfoBufferSize)) {
+		fprintf(stderr,"failed to get token information: %d\n",
+				(int)GetLastError());
+		return -1;
+	}
+
+	if (!AllocateAndInitializeSid(&NtAuthority,1,
+								  SECURITY_SERVICE_RID, 0, 0, 0, 0, 0, 0, 0,
+								  &ServiceSid)) {
+		fprintf(stderr,"failed to get SID for service group\n");
+		CloseHandle(AccessToken);
+		return -1;
+	}
+
+	_is_service = 0;
+	for (x = 0; x < Groups->GroupCount; x++)
+	{
+		if (EqualSid(ServiceSid, Groups->Groups[x].Sid)) 
+		{
+			_is_service = 1;
+			break;
+		}
+	}
+
+	FreeSid(ServiceSid);
+
+	CloseHandle(AccessToken);
+
+	return _is_service;
+}
Original file line number	Diff line number	Diff line change
`@@ -4,15 +4,15 @@`
`4`	`4`	`# Makefile for port/win32`
`5`	`5`	`#`
`6`	`6`	`# IDENTIFICATION`
`7`		`-# $PostgreSQL: pgsql/src/backend/port/win32/Makefile,v 1.4 2004/04/12 16:19:18 momjian Exp $`
	`7`	`+# $PostgreSQL: pgsql/src/backend/port/win32/Makefile,v 1.5 2004/06/24 21:02:42 tgl Exp $`
`8`	`8`	`#`
`9`	`9`	`#-------------------------------------------------------------------------`
`10`	`10`
`11`	`11`	`subdir = src/backend/port/win32`
`12`	`12`	`top_builddir = ../../../..`
`13`	`13`	`include $(top_builddir)/src/Makefile.global`
`14`	`14`
`15`		`-OBJS = sema.o shmem.o timer.o socket.o signal.o`
	`15`	`+OBJS = sema.o shmem.o timer.o socket.o signal.o security.o`
`16`	`16`
`17`	`17`	`all: SUBSYS.o`
`18`	`18`