Re: [pgAdmin4][Patch] To fix the issue in Debugger module

Hi Dave

Please find updated patch,

On Fri, Jun 23, 2017 at 7:09 PM, Dave Page <dpage(at)pgadmin(dot)org> wrote:

> Hi
>
> I'm unable to properly test this, as the debugger doesn't even seem to
> launch for a non-superuser. I just get a white tab, and a whole lot of
> polling indefinitely. Can you debug if you're not a superuser, but you
> own the function?
>
> I tested this scenario both ways,
1) Direct debugging: I was able to debug function, when debugger library is
loaded via shared preload libraries and also when it is not loaded.
2) Indirect debugging: I was not able to debug.
So, I have added the validation in both Server and Client side, Now we will
not show the option for the same if user is non-super user.

Looking at the patch itself, I wonder if the logic is still a little
> off. You need to be a superuser to use indirect debugging (because of
> the DOS potential), so shouldn't the superuser check be changed to "if
> !superuser then throw error"? As it is, if you're not superuser then
> it just skips the check for the plugin, which seems like it'll never
> end well.
>
> Fixed.

>
> On Fri, Jun 23, 2017 at 1:35 PM, Murtuza Zabuawala
> <murtuza(dot)zabuawala(at)enterprisedb(dot)com> wrote:
> > Hi Dave,
> >
> > Please find updated patch.
> >
> > --
> > Regards,
> > Murtuza Zabuawala
> > EnterpriseDB: http://www.enterprisedb.com
> > The Enterprise PostgreSQL Company
> >
> > On Fri, Jun 23, 2017 at 2:38 PM, Murtuza Zabuawala
> > <murtuza(dot)zabuawala(at)enterprisedb(dot)com> wrote:
> >>
> >> Yes, I'm looking into it, I will send updated patch.
> >>
> >> --
> >> Regards,
> >> Murtuza Zabuawala
> >> EnterpriseDB: http://www.enterprisedb.com
> >> The Enterprise PostgreSQL Company
> >>
> >> On Fri, Jun 23, 2017 at 2:32 PM, Dave Page <dpage(at)pgadmin(dot)org> wrote:
> >>>
> >>> On Fri, Jun 23, 2017 at 9:56 AM, Murtuza Zabuawala
> >>> <murtuza(dot)zabuawala(at)enterprisedb(dot)com> wrote:
> >>> > Yes Dave,
> >>> >
> >>> > You are right, I tested and found that indirect debugging is not
> >>> > working.
> >>> > But otherwise for direct debugging it works properly.
> >>>
> >>> Does the patch take that into account, or are you modifying it?
> >>>
> >>> > On Fri, Jun 23, 2017 at 1:20 PM, Dave Page <dpage(at)pgadmin(dot)org>
> wrote:
> >>> >>
> >>> >> On Fri, Jun 23, 2017 at 7:16 AM, Murtuza Zabuawala
> >>> >> <murtuza(dot)zabuawala(at)enterprisedb(dot)com> wrote:
> >>> >> > Hi,
> >>> >> >
> >>> >> > PFA patch to fix the issue in Debugger module where it was unable
> to
> >>> >> > start
> >>> >> > debugging if 'plugin_debugger' can not found in
> >>> >> > shared_preload_libraries.
> >>> >> > RM#2162
> >>> >> >
> >>> >> > Original patch by: Kit Yam Tse
> >>> >> > (who reported the issue)
> >>> >> >
> >>> >> > I just re-based it against current code.
> >>> >>
> >>> >> Isn't that code required? We do need plugin_debugger to be present
> for
> >>> >> global (indirect) debugging to work. I suppose it may not be
> required
> >>> >> for direct debugging, but I haven't tested that.
> >>> >>
> >>> >>
> >>> >> --
> >>> >> Dave Page
> >>> >> Blog: http://pgsnake.blogspot.com
> >>> >> Twitter: @pgsnake
> >>> >>
> >>> >> EnterpriseDB UK: http://www.enterprisedb.com
> >>> >> The Enterprise PostgreSQL Company
> >>> >
> >>> >
> >>>
> >>>
> >>>
> >>> --
> >>> Dave Page
> >>> Blog: http://pgsnake.blogspot.com
> >>> Twitter: @pgsnake
> >>>
> >>> EnterpriseDB UK: http://www.enterprisedb.com
> >>> The Enterprise PostgreSQL Company
> >>
> >>
> >
>
>
>
> --
> Dave Page
> Blog: http://pgsnake.blogspot.com
> Twitter: @pgsnake
>
> EnterpriseDB UK: http://www.enterprisedb.com
> The Enterprise PostgreSQL Company
>