> [mailto:pgsql-hackers-ow...@postgresql.org] On Behalf Of Michael Paquier
> > .85).aspx
> That's what I looked at as well :) And this part is what caught my attention,
> meaning that it is not used by anything else than the SCM:
> "The LocalSystem account is a predefined local account used by the service
> control manager."
The same thing is said about other two special accounts, so they need to be
checked if we really believe we need to check for LocalSystem.
"The LocalService account is a predefined local account used by the service
"The NetworkService account is a predefined local account used by the service
But, in practice, SECURITY_SERVICE_RID has turned out to be enough.
> And this implies, at least it seems to me, that trying to run Postgres as
> this user is actually not something you'd want to do.
Yes, I think people should avoid using LocalSystem for user services like
PostgreSQL for security reasons. But the Services applet in the Control Panel
allows to select LocalSystem, and pg_ctl register creates a service with
LocalSystem account when -U is omitted.
Sent via pgsql-hackers mailing list (email@example.com)
To make changes to your subscription: