Re: PgSQL not as Administrator - probs on w

Merlin Moncure wrote:
> Steve Tibbett wrote:
>>
>> It is normal on Windows for users to have admin rights on the local
>> system.  As much as this needs to be changed, you're not going to
>> change it.  If you insist on not running on an account with admin
>> rights, you're just going to frustrate users
>>
>> You could say "Windows is inherently insecure; refusing to run".  That
>> would make the port much simpler.  :)
>>
>> A warning is appropriate I think.. but refusing to run is going
>> overboard.  Just my two cents.
>
> I disagree completely.  Opening a tcp/ip server with this level of
> complexity for root access is a recipe for disaster.  Wait until an
> exploit pops up and hundreds of win32 boxes get rooted.  This would be a
> huge embarrassment and would be awful press.  Do you really want to
> allow for this scenario?

I'm not sure I understand the problem. Doesn't an administrative
user have sufficient priviledges to 'do the right thing' and
create a user for the PostgreSQL service? Isn't it just a matter
of wrapping the necessary commands in batchfiles with a
teletubbies icon so that the user doesn't even notice PostgreSQL
is running under another account?

The only problem I foresee is that users might find doing the
right thing too complicated. Lets focus on making it easier.

Jochem