| From: | tgl(at)postgresql(dot)org (Tom Lane) |
|---|---|
| To: | pgsql-committers(at)postgresql(dot)org |
| Subject: | pgsql: Simplify validate_exec() by using access(2) to check file |
| Date: | 2010-01-14 00:14:06 |
| Message-ID: | 20100114001406.723627541B9@cvs.postgresql.org |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers |
Log Message:
-----------
Simplify validate_exec() by using access(2) to check file permissions,
rather than trying to implement the equivalent logic by hand. The motivation
for the original coding appears to have been to check with the effective uid's
permissions not the real uid's; but there is no longer any difference, because
we don't run the postmaster setuid (indeed, main.c enforces that they're the
same). Using access() means we will get it right in situations the original
coding failed to handle, such as ACL-based permissions. Besides it's a lot
shorter, cleaner, and more thread-safe. Per bug #5275 from James Bellinger.
Modified Files:
--------------
pgsql/src/port:
exec.c (r1.66 -> r1.67)
(http://anoncvs.postgresql.org/cvsweb.cgi/pgsql/src/port/exec.c?r1=1.66&r2=1.67)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruce Momjian | 2010-01-14 04:30:56 | Re: pgsql: Simplify validate_exec() by using access(2) to check file |
| Previous Message | Tom Lane | 2010-01-13 23:07:28 | pgsql: When loading critical system indexes into the relcache, ensure we |