> 1. You forgot to check "localsystem", as well as "domain 
> admins". These two have even higher permissions than the ones 
> you test for, and one of them is the default if Postgre ever 
> makes it to become a service.

Not at all. Local System is a member of the Administrators group (no, it
doesn't show up as such, but if you examine the token on any local
system process, you will see it has the administrators group sid in it).

As is Domain Admins, if the machine is in a domain. And if it's not in a
domain, Domain Admins simply does not apply.

Domain admins have equal permissions on the local machine as
Administrators, not more. It has more permissions on the network, but we
can't really dig into that - there are a lot of other groups we need to
check for as well in that case.

> 2. Are you sure "Powerusers" is such a good idea? It's the 
> default for all non-admin users.

In what installation is that the default? The default is "Users" and not
"Power Users" in all my installations (which I haven't tweaked in that
respect from what I know).

> When Postgres becomes a 
> service, it's going to be relatively easy to configure it to 
> run as a low-priv user. Until then, however, isn't it too 
> difficult for admins to set up the system for it to run as a 
> different user?

First, this is one of the reasons I go with warning and not error out. 

Second, I run it as a low-priv account myself using:
runas /user:postgres c:\pgdev\bin\startpg.bat

If you want to start it using an icon, it has the same possibilities. Or
just start a commandprompt as a different user and use that one.

(RunAs requires Windows2000+, that's the only limitation)


---------------------------(end of broadcast)---------------------------
TIP 6: Have you searched our list archives?


Reply via email to