database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-11-03 09:13:20 +03:00
Code Activity

Force certain "pljava" custom GUCs to be PGC_SUSET.

Browse Source 
Future PL/Java versions will close CVE-2016-0766 by making these GUCs
PGC_SUSET.  This PostgreSQL change independently mitigates that PL/Java
vulnerability, helping sites that update PostgreSQL more frequently than
PL/Java.  Back-patch to 9.1 (all supported versions).
This commit is contained in:
Noah Misch
2016-02-05 20:22:51 -05:00
parent 9a3475b84e
commit 34e91736bb
1 changed files with 11 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
src/backend/utils/misc/guc.c
View File

@@ -6461,6 +6461,17 @@ init_custom_variable(const char *name,
!process_shared_preload_libraries_in_progress) !process_shared_preload_libraries_in_progress)
elog(FATAL, "cannot create PGC_POSTMASTER variables after startup"); elog(FATAL, "cannot create PGC_POSTMASTER variables after startup");
/*
* Before pljava commit 398f3b876ed402bdaec8bc804f29e2be95c75139
* (2015-12-15), two of that module's PGC_USERSET variables facilitated
* trivial escalation to superuser privileges. Restrict the variables to
* protect sites that have yet to upgrade pljava.
*/
if (context == PGC_USERSET &&
(strcmp(name, "pljava.classpath") == 0 ||
strcmp(name, "pljava.vmoptions") == 0))
context = PGC_SUSET;
gen = (struct config_generic *) guc_malloc(ERROR, sz); gen = (struct config_generic *) guc_malloc(ERROR, sz);
memset(gen, 0, sz); memset(gen, 0, sz);