Re: [HACKERS] Proof of concept: standalone backend with full FE/BE protocol

Sun, 09 Sep 2012 01:09:26 -0700 

On Friday, September 07, 2012 11:19 PM Tom Lane wrote:
Heikki Linnakangas <[email protected]> writes:
>> Would socketpair(2) be simpler?



>I've not done anything yet about the potential security issues
>associated with untrusted libpq connection strings.  I think this
>is still at the proof-of-concept stage; in particular, it's probably
> time to see if we can make it work on Windows before we worry more
>about that.

I have started working on this patch to make it work on Windows. The 3 main 
things to make it work are:

1. Windows equivalent for socketpair - This as suggested previously in this 
thread earlier code of pgpipe can suffice the need. Infact I have checked on 
net as well, most implementations are similar to pgpipe implementation. So I 
prefered to use the existing code which was removed. 

2. Windows equivalent for fork-execv - This part can be done by 
CreateProcess,it can be similar to internal_forkexec except for path where it 
uses shared memory to pass parameters, I am trying to directly pass parameters 
to CreateProcess.

3. Windows equivalent for waitpid - Actually there can be 2 ways to accomplish 
this
                                                          a. use 
waitforsingleobject with process handle, but in some places it is mentioned it 
might not work for all windows versions. Can someone pls confirm about. I shall 
try on my  
                                                               PC to test the 
same.
                                                          b. use existing 
infrastructure of waitpid, however it is not for single process and it might 
need some changes to make it work for single process or may be we can use it 
                                                              directly. However 
currently it is in postmaster.c, so it need to be moved so that we can access 
it from fe-connect.c in libpq as well.
                                                          c. suggest if you 
know of other ways to handle it or which from above 2 would be better?

Some other doubts:

1. does this follow the behavior that admin users will not be allowed to invoke 
postgres child process?
2. to find standalone_backend incase user didn't input, do we need mechanism 
similar to getInstallationPaths()?

Any other comments/suggestions?

With Regards,
Amit Kapila.




-- 
Sent via pgsql-hackers mailing list ([email protected])
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

Reply via email to