On Tue, Jan 27, 2009 at 11:26 AM, Peter Eisentraut <pete...@gmx.net> wrote:
> On Tuesday 27 January 2009 12:34:56 Dave Page wrote:
>> I'm not entirely sure what has changed in the SCM to cause this yet
>> (Windows 7 documentation is somewhat thin on the ground at the
>> moment), but the patch avoids the problem by only setting
>> JOB_OBJECT_UILIMIT_HANDLES on earlier OSs.
>
> Doesn't this effectively mean, we relax the security settings because we don't
> understand why we are getting errors?  Sounds fishy.

Yes, essentially. I have a suspicion that Microsoft have tightened the
security of that option, such that if we use it we can no longer see
the handle to the service control manager (which it owns of course),
but I have no way to prove that.

However;

- We only use job objects on >= XP. On Windows 2000/NT4, we don't use
them at all so we don't set any of the related security options on
those platforms.

- I don't believe this option gives us much additional security. It
doesn't secure PostgreSQL in any way, it prevents PostgreSQL from
seeing the user handles owned by other jobs in the same session. To
make any use of those, the PostgreSQL installation would have to be
severely compromised anyway, which would give other, easier paths into
the system, besides which, when running as a service we're in our own
session anyway.

-- 
Dave Page
EnterpriseDB UK:   http://www.enterprisedb.com

-- 
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
