1
0
mirror of https://github.com/postgres/postgres.git synced 2025-07-31 22:04:40 +03:00

Further fix privileges on pg_statistic_ext[_data].

We don't need to restrict column privileges on pg_statistic_ext;
all of that data is OK to read publicly.  What we *do* need to do,
which was overlooked by 6cbfb784c, is revoke public read access on
pg_statistic_ext_data; otherwise we still have the same security
hole we started with.

Catversion bump to ensure that installations calling themselves
beta2 will have this fix.

Diagnosis/correction by Dean Rasheed and Tomas Vondra, but I'm
going to go ahead and push this fix ASAP so we get more buildfarm
cycles on it.

Discussion: https://postgr.es/m/8833.1560647898@sss.pgh.pa.us
This commit is contained in:
Tom Lane
2019-06-16 11:00:23 -04:00
parent fc8cf3df47
commit 6973b058bc
2 changed files with 3 additions and 4 deletions

View File

@ -290,9 +290,8 @@ CREATE VIEW pg_stats_ext WITH (security_barrier) AS
WHERE NOT has_column_privilege(c.oid, a.attnum, 'select') ) WHERE NOT has_column_privilege(c.oid, a.attnum, 'select') )
AND (c.relrowsecurity = false OR NOT row_security_active(c.oid)); AND (c.relrowsecurity = false OR NOT row_security_active(c.oid));
REVOKE ALL on pg_statistic_ext FROM public; -- unprivileged users may read pg_statistic_ext but not pg_statistic_ext_data
GRANT SELECT (tableoid, oid, stxrelid, stxname, stxnamespace, stxowner, stxkeys, stxkind) REVOKE ALL on pg_statistic_ext_data FROM public;
ON pg_statistic_ext TO public;
CREATE VIEW pg_publication_tables AS CREATE VIEW pg_publication_tables AS
SELECT SELECT

View File

@ -53,6 +53,6 @@
*/ */
/* yyyymmddN */ /* yyyymmddN */
#define CATALOG_VERSION_NO 201906152 #define CATALOG_VERSION_NO 201906161
#endif #endif