Re: [pgAdmin4][Patch] To fix the issue in Debugger module

From: Dave Page <dpage(at)pgadmin(dot)org>
To: Murtuza Zabuawala <murtuza(dot)zabuawala(at)enterprisedb(dot)com>
Cc: pgadmin-hackers <pgadmin-hackers(at)postgresql(dot)org>
Subject: Re: [pgAdmin4][Patch] To fix the issue in Debugger module
Date: 2017-06-27 20:58:25
Message-ID: CA+OCxowpK11d0ugGdgz=Dn4_9Tg_H-2xCufaSgiSVwOZGUr+1g@mail.gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgadmin-hackers

Thanks, patch applied.

On Tue, Jun 27, 2017 at 4:21 AM, Murtuza Zabuawala <
murtuza(dot)zabuawala(at)enterprisedb(dot)com> wrote:

> Hi Dave
>
> Please find updated patch,
>
> On Fri, Jun 23, 2017 at 7:09 PM, Dave Page <dpage(at)pgadmin(dot)org> wrote:
>
>> Hi
>>
>> I'm unable to properly test this, as the debugger doesn't even seem to
>> launch for a non-superuser. I just get a white tab, and a whole lot of
>> polling indefinitely. Can you debug if you're not a superuser, but you
>> own the function?
>>
>> I tested this scenario both ways,
> 1) Direct debugging: I was able to debug function, when debugger library
> is loaded via shared preload libraries and also when it is not loaded.
> 2) Indirect debugging: I was not able to debug.
> So, I have added the validation in both Server and Client side, Now we
> will not show the option for the same if user is non-super user.
>
> Looking at the patch itself, I wonder if the logic is still a little
>> off. You need to be a superuser to use indirect debugging (because of
>> the DOS potential), so shouldn't the superuser check be changed to "if
>> !superuser then throw error"? As it is, if you're not superuser then
>> it just skips the check for the plugin, which seems like it'll never
>> end well.
>>
>> Fixed.
>
>>
>> On Fri, Jun 23, 2017 at 1:35 PM, Murtuza Zabuawala
>> <murtuza(dot)zabuawala(at)enterprisedb(dot)com> wrote:
>> > Hi Dave,
>> >
>> > Please find updated patch.
>> >
>> > --
>> > Regards,
>> > Murtuza Zabuawala
>> > EnterpriseDB: http://www.enterprisedb.com
>> > The Enterprise PostgreSQL Company
>> >
>> > On Fri, Jun 23, 2017 at 2:38 PM, Murtuza Zabuawala
>> > <murtuza(dot)zabuawala(at)enterprisedb(dot)com> wrote:
>> >>
>> >> Yes, I'm looking into it, I will send updated patch.
>> >>
>> >> --
>> >> Regards,
>> >> Murtuza Zabuawala
>> >> EnterpriseDB: http://www.enterprisedb.com
>> >> The Enterprise PostgreSQL Company
>> >>
>> >> On Fri, Jun 23, 2017 at 2:32 PM, Dave Page <dpage(at)pgadmin(dot)org> wrote:
>> >>>
>> >>> On Fri, Jun 23, 2017 at 9:56 AM, Murtuza Zabuawala
>> >>> <murtuza(dot)zabuawala(at)enterprisedb(dot)com> wrote:
>> >>> > Yes Dave,
>> >>> >
>> >>> > You are right, I tested and found that indirect debugging is not
>> >>> > working.
>> >>> > But otherwise for direct debugging it works properly.
>> >>>
>> >>> Does the patch take that into account, or are you modifying it?
>> >>>
>> >>> > On Fri, Jun 23, 2017 at 1:20 PM, Dave Page <dpage(at)pgadmin(dot)org>
>> wrote:
>> >>> >>
>> >>> >> On Fri, Jun 23, 2017 at 7:16 AM, Murtuza Zabuawala
>> >>> >> <murtuza(dot)zabuawala(at)enterprisedb(dot)com> wrote:
>> >>> >> > Hi,
>> >>> >> >
>> >>> >> > PFA patch to fix the issue in Debugger module where it was
>> unable to
>> >>> >> > start
>> >>> >> > debugging if 'plugin_debugger' can not found in
>> >>> >> > shared_preload_libraries.
>> >>> >> > RM#2162
>> >>> >> >
>> >>> >> > Original patch by: Kit Yam Tse
>> >>> >> > (who reported the issue)
>> >>> >> >
>> >>> >> > I just re-based it against current code.
>> >>> >>
>> >>> >> Isn't that code required? We do need plugin_debugger to be present
>> for
>> >>> >> global (indirect) debugging to work. I suppose it may not be
>> required
>> >>> >> for direct debugging, but I haven't tested that.
>> >>> >>
>> >>> >>
>> >>> >> --
>> >>> >> Dave Page
>> >>> >> Blog: http://pgsnake.blogspot.com
>> >>> >> Twitter: @pgsnake
>> >>> >>
>> >>> >> EnterpriseDB UK: http://www.enterprisedb.com
>> >>> >> The Enterprise PostgreSQL Company
>> >>> >
>> >>> >
>> >>>
>> >>>
>> >>>
>> >>> --
>> >>> Dave Page
>> >>> Blog: http://pgsnake.blogspot.com
>> >>> Twitter: @pgsnake
>> >>>
>> >>> EnterpriseDB UK: http://www.enterprisedb.com
>> >>> The Enterprise PostgreSQL Company
>> >>
>> >>
>> >
>>
>>
>>
>> --
>> Dave Page
>> Blog: http://pgsnake.blogspot.com
>> Twitter: @pgsnake
>>
>> EnterpriseDB UK: http://www.enterprisedb.com
>> The Enterprise PostgreSQL Company
>>
>
>

--
Dave Page
Blog: http://pgsnake.blogspot.com
Twitter: @pgsnake

EnterpriseDB UK: http://www.enterprisedb.com
The Enterprise PostgreSQL Company

In response to

Browse pgadmin-hackers by date

  From Date Subject
Next Message Dave Page 2017-06-27 20:59:04 pgAdmin 4 commit: Allow non-superusers to debug their own functions and
Previous Message Robert Eckhardt 2017-06-27 18:27:02 Re: [pgadmin-hackers][patch] History Detail Pane