PostgreSQL Source Code  git master
restricted_token.h File Reference
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Functions

void get_restricted_token (void)
 

Function Documentation

◆ get_restricted_token()

void get_restricted_token ( void  )

Definition at line 154 of file restricted_token.c.

References pg_free(), pg_log_error, pg_strdup(), and putenv.

Referenced by main(), and regression_main().

155 {
156 #ifdef WIN32
157  HANDLE restrictedToken;
158 
159  /*
160  * Before we execute another program, make sure that we are running with a
161  * restricted token. If not, re-execute ourselves with one.
162  */
163 
164  if ((restrict_env = getenv("PG_RESTRICT_EXEC")) == NULL
165  || strcmp(restrict_env, "1") != 0)
166  {
167  PROCESS_INFORMATION pi;
168  char *cmdline;
169 
170  ZeroMemory(&pi, sizeof(pi));
171 
172  cmdline = pg_strdup(GetCommandLine());
173 
174  putenv("PG_RESTRICT_EXEC=1");
175 
176  if ((restrictedToken = CreateRestrictedProcess(cmdline, &pi)) == 0)
177  {
178  pg_log_error("could not re-execute with restricted token: error code %lu", GetLastError());
179  }
180  else
181  {
182  /*
183  * Successfully re-executed. Now wait for child process to capture
184  * the exit code.
185  */
186  DWORD x;
187 
188  CloseHandle(restrictedToken);
189  CloseHandle(pi.hThread);
190  WaitForSingleObject(pi.hProcess, INFINITE);
191 
192  if (!GetExitCodeProcess(pi.hProcess, &x))
193  {
194  pg_log_error("could not get exit code from subprocess: error code %lu", GetLastError());
195  exit(1);
196  }
197  exit(x);
198  }
199  pg_free(cmdline);
200  }
201 #endif
202 }
#define pg_log_error(...)
Definition: logging.h:80
char * pg_strdup(const char *in)
Definition: fe_memutils.c:85
void pg_free(void *ptr)
Definition: fe_memutils.c:105
#define putenv(x)
Definition: win32_port.h:474