From 5b2852e44286719be48483cc253539d8446b3667 Mon Sep 17 00:00:00 2001
From: Christophe Chauvet <christophe.chauvet@syleam.fr>
Date: Mon, 7 Dec 2009 11:37:06 +0100
Subject: [PATCH] [IMP] Disallow connection to PostgreSQL with postgres user
 himself (security flaws)

bzr revid: christophe.chauvet@syleam.fr-20091207103706-vp3sc1gydbjtqmzg
---
 bin/openerp-server.py | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/bin/openerp-server.py b/bin/openerp-server.py
index 33b5fef9aeb..2d445070011 100755
--- a/bin/openerp-server.py
+++ b/bin/openerp-server.py
@@ -70,6 +70,12 @@ logger = netsvc.Logger()
 #-----------------------------------------------------------------------
 import tools
 
+# Check if the connection to PostgreSQL don't use postgres user
+if tools.config['db_user'] == 'postgres':
+    sys.stderr.write("Attempted to connected database with postgres user." \
+            " This is a security flaws, aborting.\n")
+    sys.exit(1)
+
 logger.notifyChannel("server", netsvc.LOG_INFO, "version - %s" % release.version )
 for name, value in [('addons_path', tools.config['addons_path']),
                     ('database hostname', tools.config['db_host'] or 'localhost'),