database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-07-28 23:42:10 +03:00
Code Activity

Support new default roles with adminpack

Browse Source 
This provides a newer version of adminpack which works with the newly
added default roles to support GRANT'ing to non-superusers access to
read and write files, along with related functions (unlinking files,
getting file length, renaming/removing files, scanning the log file
directory) which are supported through adminpack.

Note that new versions of the functions are required because an
environment might have an updated version of the library but still have
the old adminpack 1.0 catalog definitions (where EXECUTE is GRANT'd to
PUBLIC for the functions).

This patch also removes the long-deprecated alternative names for
functions that adminpack used to include and which are now included in
the backend, in adminpack v1.1.  Applications using the deprecated names
should be updated to use the backend functions instead.  Existing
installations which continue to use adminpack v1.0 should continue to
function until/unless adminpack is upgraded.

Reviewed-By: Michael Paquier
Discussion: https://postgr.es/m/20171231191939.GR2416%40tamriel.snowman.net
This commit is contained in:
Stephen Frost
2018-04-06 14:47:10 -04:00
parent 0fdc8495bf
commit 11523e860f
10 changed files with 388 additions and 88 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
contrib/adminpack/expected/adminpack.out
View File

@ -34,7 +34,12 @@ SELECT pg_read_file('test_file1');
test1test1
(1 row)
-- disallowed file paths
-- disallowed file paths for non-superusers and users who are
-- not members of pg_write_server_files
CREATE ROLE regress_user1;
GRANT pg_read_all_settings TO regress_user1;
GRANT EXECUTE ON FUNCTION pg_file_write(text,text,bool) TO regress_user1;
SET ROLE regress_user1;
SELECT pg_file_write('../test_file0', 'test0', false);
ERROR: path must be in or below the current directory
SELECT pg_file_write('/tmp/test_file0', 'test0', false);
@ -47,6 +52,10 @@ SELECT pg_file_write(current_setting('data_directory') || '/test_file4', 'test4'
SELECT pg_file_write(current_setting('data_directory') || '/../test_file4', 'test4', false);
ERROR: reference to parent directory ("..") not allowed
RESET ROLE;
REVOKE EXECUTE ON FUNCTION pg_file_write(text,text,bool) FROM regress_user1;
REVOKE pg_read_all_settings FROM regress_user1;
DROP ROLE regress_user1;
-- rename file
SELECT pg_file_rename('test_file1', 'test_file2');
pg_file_rename
@ -132,14 +141,14 @@ SELECT pg_file_unlink('test_file4');
CREATE USER regress_user1;
SET ROLE regress_user1;
SELECT pg_file_write('test_file0', 'test0', false);
ERROR: only superuser may access generic file functions
ERROR: permission denied for function pg_file_write
SELECT pg_file_rename('test_file0', 'test_file0');
ERROR: only superuser may access generic file functions
ERROR: permission denied for function pg_file_rename
CONTEXT: SQL function "pg_file_rename" statement 1
SELECT pg_file_unlink('test_file0');
ERROR: only superuser may access generic file functions
ERROR: permission denied for function pg_file_unlink
SELECT pg_logdir_ls();
ERROR: only superuser can list the log directory
ERROR: permission denied for function pg_logdir_ls
RESET ROLE;
DROP USER regress_user1;
-- no further tests for pg_logdir_ls() because it depends on the