database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-07-27 12:41:57 +03:00
Code Activity

adminpack: Revoke EXECUTE on pg_logfile_rotate()

Browse Source 
In 9.6, we moved a number of functions over to using the GRANT system to
control access instead of having hard-coded superuser checks.

As it turns out, adminpack was creating another function in the catalog
for one of those backend functions where the superuser check was
removed, specifically pg_rotate_logfile(), but it didn't get the memo
about having to REVOKE EXECUTE on the alternative-name function
(pg_logfile_rotate()), meaning that in any installations with adminpack
on 9.6 and higher, any user is able to run the pg_logfile_rotate()
function, which then calls pg_rotate_logfile() and rotates the logfile.

Fix by adding a new version of adminpack (1.1) which handles the REVOKE.
As this function should have only been available to the superuser, this
is a security issue, albeit a minor one.

In HEAD, move the changes implemented for adminpack up to be adminpack
2.0 instead of 1.1.

Security: CVE-2018-1115
This commit is contained in:
Stephen Frost
2018-05-07 10:10:33 -04:00
parent f955d7ee16
commit 7b347409fa
4 changed files with 54 additions and 48 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
contrib/adminpack/Makefile
View File

@ -5,7 +5,7 @@ OBJS = adminpack.o $(WIN32RES)
PG_CPPFLAGS = -I$(libpq_srcdir)
EXTENSION = adminpack
DATA = adminpack--1.0.sql adminpack--1.0--1.1.sql
DATA = adminpack--1.0.sql adminpack--1.0--1.1.sql adminpack--1.1--2.0.sql
PGFILEDESC = "adminpack - support functions for pgAdmin"
REGRESS = adminpack