Re: [HACKERS] [PATCHES] [Patch] - Fix for bug #2558, InitDB failed to run
Tom Lane wrote: Andrew Dunstan [EMAIL PROTECTED] writes: I am more than somewhat perplexed as to why the NUL device should be a security risk ... what are they thinking?? Frankly, I don't believe it; even Microsoft can't be that stupid. And I can't find any suggestion that they've done this in a google search. I think the OP is misdiagnosing his problem. An older message suggests that a service pack induced this problem, per MS. I just tried it as non-admin on a W2K3 machine with recent hotfixes, and the command dir nul _did_ work for me. Though neglected, it still sounds like a virus scanner issue to me. Regards, Andreas ---(end of broadcast)--- TIP 3: Have you checked our extensive FAQ? http://www.postgresql.org/docs/faq
Re: [HACKERS] [PATCHES] [Patch] - Fix for bug #2558, InitDB failed to run
dror [EMAIL PROTECTED] writes: Hi Andrew, Regarding to your comments: 1. a patch is generated by the pro= gram diffI will do it ,if needed 2. before we do anything, as Tom Lane s= ays, we need verification of the problem, preferably in writing from Micr= osoft.I do understand that, but, de-facto, the current implementation does= not work, canceling the redirection (or open a log file) is not a matter o= f changing the OS behavior, therefore I don't see why a formal verificatio= n from Microsoft is needed.When this issue will be revealed in more and mor= e system, it can be harmless to postgress reputation and critical problems = for the end users. The difficulty we're having is that this is a very ugly fix for a problem that's been reported by no one except you. I tend to agree with Andreas' theory that what you are seeing is misbehavior of some antivirus software on your machine, rather than a change of Windows' own behavior. We are not going to accept this patch without more evidence that there really has been a change on Microsoft's part. regards, tom lane ---(end of broadcast)--- TIP 6: explain analyze is your friend
Re: [HACKERS] [PATCHES] [Patch] - Fix for bug #2558, InitDB failed
Hi All, I agree with all of you that it is strange behavior, more then that : On two win 2003 machines with the same SP and last hot fixes, on one the nul device is accessible by non admin user and on other it is not. I also agree that the source of the problem might be something that effect the OS configuration (as avirusscanner for example). The source of the problem and the right diagnostic is important, but right now we have problem (unknown) with the nul device on some of the system. I don't see any risk with canceling the redirection nor with open a log file (with permission to thepostgres user), if a commercial DB, as EnterpriseDB, choose this solution (Log file) I don't see any reason why not to do the same. Does anyoneknow why EnterpriseDB changed the nul redirection? Regards Dror Date: Tue, 15 Aug 2006 11:37:30 +0200 From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] CC: pgsql-hackers@postgresql.org; [EMAIL PROTECTED]; pgsql-patches@postgresql.org Subject: Re: [HACKERS] [PATCHES] [Patch] - Fix for bug #2558, InitDB failed to run TomLanewrote: AndrewDunstan[EMAIL PROTECTED]writes: IammorethansomewhatperplexedastowhytheNULdeviceshouldbea securityrisk...whataretheythinking?? Frankly,Idon'tbelieveit;evenMicrosoftcan'tbethatstupid. AndIcan'tfindanysuggestionthatthey'vedonethisinagoogle search.IthinktheOPismisdiagnosinghisproblem. Anoldermessagesuggeststhataservicepackinducedthisproblem,per MS.Ijusttrieditasnon-adminonaW2K3machinewithrecenthotfixes, andthecommand"dirnul"_did_workforme. Thoughneglected,itstillsoundslikeavirusscannerissuetome. Regards, Andreas ---(endofbroadcast)--- TIP3:HaveyoucheckedourextensiveFAQ? http://www.postgresql.org/docs/faqBe one of the first to try Windows Live Mail. Windows Live Mail.
Re: [HACKERS] [PATCHES] [Patch] - Fix for bug #2558, InitDB failed to run
Andreas Pflug wrote: Tom Lane wrote: Andrew Dunstan [EMAIL PROTECTED] writes: I am more than somewhat perplexed as to why the NUL device should be a security risk ... what are they thinking?? Frankly, I don't believe it; even Microsoft can't be that stupid. And I can't find any suggestion that they've done this in a google search. I think the OP is misdiagnosing his problem. An older message suggests that a service pack induced this problem, per MS. I just tried it as non-admin on a W2K3 machine with recent hotfixes, and the command dir nul _did_ work for me. Though neglected, it still sounds like a virus scanner issue to me. Yes, it seems we will need more information on this. We need someone at a win32 command prompt to show us a nul failure. -- Bruce Momjian [EMAIL PROTECTED] EnterpriseDBhttp://www.enterprisedb.com + If your life is a hard drive, Christ can be your backup. + ---(end of broadcast)--- TIP 4: Have you searched our list archives? http://archives.postgresql.org
Re: [HACKERS] [PATCHES] [Patch] - Fix for bug #2558, InitDB failed to run
Bruce Momjian wrote: Andreas Pflug wrote: Tom Lane wrote: Andrew Dunstan [EMAIL PROTECTED] writes: I am more than somewhat perplexed as to why the NUL device should be a security risk ... what are they thinking?? Frankly, I don't believe it; even Microsoft can't be that stupid. And I can't find any suggestion that they've done this in a google search. I think the OP is misdiagnosing his problem. An older message suggests that a service pack induced this problem, per MS. I just tried it as non-admin on a W2K3 machine with recent hotfixes, and the command dir nul _did_ work for me. Though neglected, it still sounds like a virus scanner issue to me. Yes, it seems we will need more information on this. We need someone at a win32 command prompt to show us a nul failure. OTOH, what issues might arise if the output is redirected to a legal tmp file? Regards, Andreas ---(end of broadcast)--- TIP 9: In versions below 8.0, the planner will ignore your desire to choose an index scan if your joining column's datatypes do not match
Re: [HACKERS] [PATCHES] [Patch] - Fix for bug #2558, InitDB failed to run
Andreas Pflug wrote: Bruce Momjian wrote: Andreas Pflug wrote: Tom Lane wrote: Andrew Dunstan [EMAIL PROTECTED] writes: I am more than somewhat perplexed as to why the NUL device should be a security risk ... what are they thinking?? Frankly, I don't believe it; even Microsoft can't be that stupid. And I can't find any suggestion that they've done this in a google search. I think the OP is misdiagnosing his problem. An older message suggests that a service pack induced this problem, per MS. I just tried it as non-admin on a W2K3 machine with recent hotfixes, and the command dir nul _did_ work for me. Though neglected, it still sounds like a virus scanner issue to me. Yes, it seems we will need more information on this. We need someone at a win32 command prompt to show us a nul failure. OTOH, what issues might arise if the output is redirected to a legal tmp file? No idea, but we aren't going to change the code without more facts. We don't have the resources to be making code changes without concrete information. -- Bruce Momjian [EMAIL PROTECTED] EnterpriseDBhttp://www.enterprisedb.com + If your life is a hard drive, Christ can be your backup. + ---(end of broadcast)--- TIP 4: Have you searched our list archives? http://archives.postgresql.org
Re: [HACKERS] [PATCHES] [Patch] - Fix for bug #2558, InitDB failed to run
Andreas Pflug [EMAIL PROTECTED] writes: what issues might arise if the output is redirected to a legal tmp file? Well, (1) finding a place to put the temp file, ie a writable directory; (2) ensuring the file is removed afterwards; (3) not exposing the user to security hazards due to unsafe use of a temp file (ye olde overwrite-a-symlink risk). Perhaps a few more I didn't think of. It's not a trivial change, and the evidence presented so far hasn't convinced me that we need to put in the effort. regards, tom lane ---(end of broadcast)--- TIP 1: if posting/reading through Usenet, please send an appropriate subscribe-nomail command to [EMAIL PROTECTED] so that your message can get through to the mailing list cleanly
Re: [HACKERS] [PATCHES] [Patch] - Fix for bug #2558, InitDB failed to run
Tom Lane wrote: Andreas Pflug [EMAIL PROTECTED] writes: what issues might arise if the output is redirected to a legal tmp file? Well, (1) finding a place to put the temp file, ie a writable directory; (2) ensuring the file is removed afterwards; (3) not exposing the user to security hazards due to unsafe use of a temp file (ye olde overwrite-a-symlink risk). Perhaps a few more I didn't think of. AFAICS all DEVNULL usages result from redirecting postmaster's output, which usually goes to $DATADIR/serverlog at runtime. If this would be used here too, (1) is as safe as any $DATADIR, (2) is as safe as cleaning up after failure usually is, (3) can't happen because the directory is checked to be empty before initdb anyway. Additionally, there's might be cases when a meaningful logfile from initdb is desirable too. So why no redirection to initlog or so? Regards, Andreas ---(end of broadcast)--- TIP 6: explain analyze is your friend
Re: [HACKERS] [PATCHES] [Patch] - Fix for bug #2558, InitDB failed
In addition to Andreas respond: 1+2) Currently the initDB is used the tmp folder to write other "Helper files" that are deleted afterwards. The fix is suggested only for win machines ,I think that redirection is more risky (as we saw with this bug) than to do redirect output to alog file that you createdand control it ,you gave the permission to and know exactly what its status (even if the reason is that some virus scanner or any other software blocked access to one device or another). But, I suggest a new improvement: Check the status and if the command failed than run itwithout redirection at all, (actually no redirection is needed in this case , you can always run the processin silent mode). The interesting question that didn't get any answer yet is: Why EnterpriseDB (which is based on postgress) find it important to change the redirection?Regards Dror, Date: Tue, 15 Aug 2006 19:10:27 +0200 From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] CC: [EMAIL PROTECTED]; pgsql-hackers@postgresql.org; [EMAIL PROTECTED] Subject: Re: [HACKERS] [PATCHES] [Patch] - Fix for bug #2558, InitDB failed to run TomLanewrote: AndreasPflug[EMAIL PROTECTED]writes: whatissuesmightariseiftheoutputisredirectedtoalegaltmpfile? Well,(1)findingaplacetoputthetempfile,ieawritabledirectory; (2)ensuringthefileisremovedafterwards;(3)notexposingtheuser tosecurityhazardsduetounsafeuseofatempfile(yeolde overwrite-a-symlinkrisk).PerhapsafewmoreIdidn'tthinkof. AFAICSallDEVNULLusagesresultfromredirectingpostmaster'soutput, whichusuallygoesto$DATADIR/serverlogatruntime.Ifthiswouldbe usedheretoo,(1)isassafeasany$DATADIR,(2)isassafeas cleaningupafterfailureusuallyis,(3)can'thappenbecausethe directoryischeckedtobeemptybeforeinitdbanyway.Additionally, there'smightbecaseswhenameaningfullogfilefrominitdbis desirabletoo.Sowhynoredirectiontoinitlogorso? Regards, Andreas---(endofbroadcast)--- TIP6:explainanalyzeisyourfriendBe one of the first to try Windows Live Mail. Windows Live Mail.
Re: [HACKERS] [PATCHES] [Patch] - Fix for bug #2558, InitDB failed to run
Andrew Dunstan [EMAIL PROTECTED] writes: I am more than somewhat perplexed as to why the NUL device should be a security risk ... what are they thinking?? Frankly, I don't believe it; even Microsoft can't be that stupid. And I can't find any suggestion that they've done this in a google search. I think the OP is misdiagnosing his problem. regards, tom lane ---(end of broadcast)--- TIP 3: Have you checked our extensive FAQ? http://www.postgresql.org/docs/faq