database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-11-03 09:13:20 +03:00
Code Activity

Prevent ALTER USER f RESET ALL from removing the settings that were put there

Browse Source 
by a superuser -- "ALTER USER f RESET setting" already disallows removing such a
setting.

Apply the same treatment to ALTER DATABASE d RESET ALL when run by a database
owner that's not superuser.
This commit is contained in:
Alvaro Herrera
2010-03-25 14:45:36 +00:00
parent 40db749c70
commit 03ecb57737
4 changed files with 134 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
src/backend/commands/dbcommands.c
View File

@@ -15,7 +15,7 @@
* *
* *
* IDENTIFICATION * IDENTIFICATION
* $PostgreSQL: pgsql/src/backend/commands/dbcommands.c,v 1.173.2.3 2007/04/12 15:04:47 tgl Exp $ * $PostgreSQL: pgsql/src/backend/commands/dbcommands.c,v 1.173.2.4 2010/03/25 14:45:35 alvherre Exp $
* *
*------------------------------------------------------------------------- *-------------------------------------------------------------------------
*/ */
@@ -924,10 +924,31 @@ AlterDatabaseSet(AlterDatabaseSetStmt *stmt)
if (strcmp(stmt->variable, "all") == 0 && valuestr == NULL) if (strcmp(stmt->variable, "all") == 0 && valuestr == NULL)
{ {
/* RESET ALL */ ArrayType *new = NULL;
Datum datum;
bool isnull;
/*
* in RESET ALL, request GUC to reset the settings array; if none
* left, we can set datconfig to null; otherwise use the returned
* array
*/
datum = heap_getattr(tuple, Anum_pg_database_datconfig,
RelationGetDescr(rel), &isnull);
if (!isnull)
new = GUCArrayReset(DatumGetArrayTypeP(datum));
if (new)
{
repl_val[Anum_pg_database_datconfig - 1] = PointerGetDatum(new);
repl_repl[Anum_pg_database_datconfig - 1] = 'r';
repl_null[Anum_pg_database_datconfig - 1] = ' ';
}
else
{
repl_null[Anum_pg_database_datconfig - 1] = 'n'; repl_null[Anum_pg_database_datconfig - 1] = 'n';
repl_val[Anum_pg_database_datconfig - 1] = (Datum) 0; repl_val[Anum_pg_database_datconfig - 1] = (Datum) 0;
} }
}
else else
{ {
Datum datum; Datum datum;

26
src/backend/commands/user.c
View File

@@ -6,7 +6,7 @@
* Portions Copyright (c) 1996-2005, PostgreSQL Global Development Group * Portions Copyright (c) 1996-2005, PostgreSQL Global Development Group
* Portions Copyright (c) 1994, Regents of the University of California * Portions Copyright (c) 1994, Regents of the University of California
* *
* $PostgreSQL: pgsql/src/backend/commands/user.c,v 1.164 2005/11/04 17:25:15 tgl Exp $ * $PostgreSQL: pgsql/src/backend/commands/user.c,v 1.164.2.1 2010/03/25 14:45:35 alvherre Exp $
* *
*------------------------------------------------------------------------- *-------------------------------------------------------------------------
*/ */
@@ -757,8 +757,30 @@ AlterRoleSet(AlterRoleSetStmt *stmt)
repl_repl[Anum_pg_authid_rolconfig - 1] = 'r'; repl_repl[Anum_pg_authid_rolconfig - 1] = 'r';
if (strcmp(stmt->variable, "all") == 0 && valuestr == NULL) if (strcmp(stmt->variable, "all") == 0 && valuestr == NULL)
{ {
/* RESET ALL */ ArrayType *new = NULL;
Datum datum;
bool isnull;
/*
* in RESET ALL, request GUC to reset the settings array; if none
* left, we can set rolconfig to null; otherwise use the returned
* array
*/
datum = SysCacheGetAttr(AUTHNAME, oldtuple,
Anum_pg_authid_rolconfig, &isnull);
if (!isnull)
new = GUCArrayReset(DatumGetArrayTypeP(datum));
if (new)
{
repl_val[Anum_pg_authid_rolconfig - 1] = PointerGetDatum(new);
repl_repl[Anum_pg_authid_rolconfig - 1] = 'r';
repl_null[Anum_pg_authid_rolconfig - 1] = ' ';
}
else
{
repl_null[Anum_pg_authid_rolconfig - 1] = 'n'; repl_null[Anum_pg_authid_rolconfig - 1] = 'n';
repl_val[Anum_pg_authid_rolconfig - 1] = (Datum) 0;
}
} }
else else
{ {

83
src/backend/utils/misc/guc.c
View File

@@ -10,7 +10,7 @@
* Written by Peter Eisentraut <peter_e@gmx.net>. * Written by Peter Eisentraut <peter_e@gmx.net>.
* *
* IDENTIFICATION * IDENTIFICATION
* $PostgreSQL: pgsql/src/backend/utils/misc/guc.c,v 1.299.2.8 2010/02/25 23:44:27 tgl Exp $ * $PostgreSQL: pgsql/src/backend/utils/misc/guc.c,v 1.299.2.9 2010/03/25 14:45:36 alvherre Exp $
* *
*-------------------------------------------------------------------- *--------------------------------------------------------------------
*/ */
@@ -5439,6 +5439,7 @@ ProcessGUCArray(ArrayType *array, GucSource source)
free(name); free(name);
if (value) if (value)
free(value); free(value);
pfree(s);
} }
} }
@@ -5574,6 +5575,85 @@ GUCArrayDelete(ArrayType *array, const char *name)
&& val[strlen(name)] == '=') && val[strlen(name)] == '=')
continue; continue;
/* else add it to the output array */
if (newarray)
{
newarray = array_set(newarray, 1, &index,
d,
false,
-1 /* varlenarray */ ,
-1 /* TEXT's typlen */ ,
false /* TEXT's typbyval */ ,
'i' /* TEXT's typalign */ );
}
else
newarray = construct_array(&d, 1,
TEXTOID,
-1, false, 'i');
index++;
}
return newarray;
}
/*
* Given a GUC array, delete all settings from it that our permission
* level allows: if superuser, delete them all; if regular user, only
* those that are PGC_USERSET
*/
ArrayType *
GUCArrayReset(ArrayType *array)
{
ArrayType *newarray;
int i;
int index;
/* if array is currently null, nothing to do */
if (!array)
return NULL;
/* if we're superuser, we can delete everything */
if (superuser())
return NULL;
newarray = NULL;
index = 1;
for (i = 1; i <= ARR_DIMS(array)[0]; i++)
{
Datum d;
char *val;
char *eqsgn;
bool isnull;
struct config_generic *gconf;
d = array_ref(array, 1, &i,
-1 /* varlenarray */ ,
-1 /* TEXT's typlen */ ,
false /* TEXT's typbyval */ ,
'i' /* TEXT's typalign */ ,
&isnull);
if (isnull)
continue;
val = DatumGetCString(DirectFunctionCall1(textout, d));
eqsgn = strchr(val, '=');
*eqsgn = '\0';
gconf = find_option(val, WARNING);
if (!gconf)
continue;
/* note: superuser-ness was already checked above */
/* skip entry if OK to delete */
if (gconf->context == PGC_USERSET)
continue;
/* XXX do we need to worry about database owner? */
/* else add it to the output array */ /* else add it to the output array */
if (newarray) if (newarray)
{ {
@@ -5592,6 +5672,7 @@ GUCArrayDelete(ArrayType *array, const char *name)
-1, false, 'i'); -1, false, 'i');
index++; index++;
pfree(val);
} }
return newarray; return newarray;

3
src/include/utils/guc.h
View File

@@ -7,7 +7,7 @@
* Copyright (c) 2000-2005, PostgreSQL Global Development Group * Copyright (c) 2000-2005, PostgreSQL Global Development Group
* Written by Peter Eisentraut <peter_e@gmx.net>. * Written by Peter Eisentraut <peter_e@gmx.net>.
* *
* $PostgreSQL: pgsql/src/include/utils/guc.h,v 1.63.2.2 2009/12/09 21:58:44 tgl Exp $ * $PostgreSQL: pgsql/src/include/utils/guc.h,v 1.63.2.3 2010/03/25 14:45:36 alvherre Exp $
*-------------------------------------------------------------------- *--------------------------------------------------------------------
*/ */
#ifndef GUC_H #ifndef GUC_H
@@ -211,6 +211,7 @@ extern char *flatten_set_variable_args(const char *name, List *args);
extern void ProcessGUCArray(ArrayType *array, GucSource source); extern void ProcessGUCArray(ArrayType *array, GucSource source);
extern ArrayType *GUCArrayAdd(ArrayType *array, const char *name, const char *value); extern ArrayType *GUCArrayAdd(ArrayType *array, const char *name, const char *value);
extern ArrayType *GUCArrayDelete(ArrayType *array, const char *name); extern ArrayType *GUCArrayDelete(ArrayType *array, const char *name);
extern ArrayType *GUCArrayReset(ArrayType *array);
#ifdef EXEC_BACKEND #ifdef EXEC_BACKEND
extern void write_nondefault_variables(GucContext context); extern void write_nondefault_variables(GucContext context);