Re: Isn't pg_statistic a security hole?

From: "Joe Conway" <joe(at)conway-family(dot)com>
To: "Serguei Mokhov" <sa_mokho(at)alcor(dot)concordia(dot)ca>, "Tom Lane" <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Isn't pg_statistic a security hole?
Date: 2001-05-06 18:35:49
Message-ID: 00e901c0d65b$600f5740$0205a8c0@jecw2k1
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

> "Serguei Mokhov" <sa_mokho(at)alcor(dot)concordia(dot)ca> writes:
> > Being a simple user, I still want to view the stats from the table,
> > but it should be limited only to the stuff I own. I don't wanna let
> > others see any of my info, however. The SU's, of course, should be
> > able to read all the stats.
>
> This is infeasible since we don't have a concept of per-row permissions.
> It's all or nothing.
>

You can acheive the same effect using a view if the statistics table has the
user name included.

Joe

test=# select version();
version
-----------------------------------------------------------
PostgreSQL 7.1 on i686-pc-linux-gnu, compiled by GCC 2.96
(1 row)

create table teststat(username name,stat_id int4,stat_val float, primary
key(username,stat_id));
NOTICE: CREATE TABLE/PRIMARY KEY will create implicit index 'teststat_pkey'
for table 'teststat'
CREATE
insert into teststat values('postgres',1,15.321);
INSERT 1007064 1
insert into teststat values('foo',1,12.123);
INSERT 1007065 1
select * from teststat;
username | stat_id | stat_val
----------+---------+----------
postgres | 1 | 15.321
foo | 1 | 12.123
(2 rows)

create view vw_teststat as (select * from teststat where
(username=current_user or current_user='postgres'));
CREATE
select current_user;
current_user
--------------
postgres
(1 row)

select * from vw_teststat;
username | stat_id | stat_val
----------+---------+----------
postgres | 1 | 15.321
foo | 1 | 12.123
(2 rows)

create user foo;
CREATE USER
grant select on vw_teststat to foo;
CHANGE
You are now connected as new user foo.
select current_user;
current_user
--------------
foo
(1 row)

select * from vw_teststat;
username | stat_id | stat_val
----------+---------+----------
foo | 1 | 12.123
(1 row)

In response to

Browse pgsql-hackers by date

  From Date Subject
Next Message Tom Lane 2001-05-06 19:12:03 Re: Isn't pg_statistic a security hole?
Previous Message Serguei Mokhov 2001-05-06 18:15:52 Fw: Isn't pg_statistic a security hole?