| From: | Joseph Koshakow <koshy44(at)gmail(dot)com> |
|---|---|
| To: | Nathan Bossart <nathandbossart(at)gmail(dot)com> |
| Cc: | PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: Preventing non-superusers from altering session authorization |
| Date: | 2023-07-10 00:54:30 |
| Message-ID: | CAAvxfHfq8Dgn1jBR2w+mLBUaPFvDvjavoRkzKBz0ZtJktGFS5A@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Sun, Jul 9, 2023 at 1:03 PM Joseph Koshakow <koshy44(at)gmail(dot)com> wrote:
>> * Only a superuser may set auth ID to something other than himself
> Is "auth ID" the right term here? Maybe something like "Only a
> superuser may set their session authorization/ID to something other
> than their authenticated ID."
>> But we set the GUC variable
>> * is_superuser to indicate whether the *current* session userid is a
>> * superuser.
> Just a small correction here, I believe the is_superuser GUC is meant
> to indicate whether the current user id is a superuser, not the current
> session user id. We only update is_superuser in SetSessionAuthorization
> because we are also updating the current user id in SetSessionUserId.
I just realized that you moved this comment from
SetSessionAuthorization. I think we should leave the part about setting
the GUC variable is_superuser on top of SetSessionAuthorization since
that's where we actually set the GUC.
Thanks,
Joe Koshakow
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Japin Li | 2023-07-10 01:04:42 | Re: Add hint message for check_log_destination() |
| Previous Message | Thomas Munro | 2023-07-09 22:45:04 | Re: Cleaning up threading code |