odoo
/
odoo
2
0
Fork 0
Code Pull Requests Releases Activity

[IMP] Disallow connection to PostgreSQL with postgres user himself (security flaws) 

bzr revid: christophe.chauvet@syleam.fr-20091207103706-vp3sc1gydbjtqmzg
This commit is contained in:
Christophe Chauvet 2009-12-07 11:37:06 +01:00
parent ac8e7946f5
commit 5b2852e442
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
bin/openerp-server.py
View File

@ -70,6 +70,12 @@ logger = netsvc.Logger()
#-----------------------------------------------------------------------
import tools
# Check if the connection to PostgreSQL don't use postgres user
if tools.config['db_user'] == 'postgres':
sys.stderr.write("Attempted to connected database with postgres user." \
" This is a security flaws, aborting.\n")
sys.exit(1)
logger.notifyChannel("server", netsvc.LOG_INFO, "version - %s" % release.version )
for name, value in [('addons_path', tools.config['addons_path']),
('database hostname', tools.config['db_host'] or 'localhost'),