| From: | Julien Rouhaud <rjuju123(at)gmail(dot)com> |
|---|---|
| To: | Atsushi Torikoshi <atorik(at)gmail(dot)com> |
| Cc: | Fujii Masao <masao(dot)fujii(at)gmail(dot)com>, Michael Paquier <michael(at)paquier(dot)xyz>, Arthur Zakirov <zaartur(at)gmail(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Add pg_file_sync() to adminpack |
| Date: | 2020-01-14 16:50:57 |
| Message-ID: | CAOBaU_Y1MYUUqT01XOdAnCBP01ALKFxhrZT87QiCuLkbr2EC-w@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Tue, Jan 14, 2020 at 4:08 PM Atsushi Torikoshi <atorik(at)gmail(dot)com> wrote:
>
> > On Sut, Jan 11, 2020 at 2:12 Fujii Masao <masao(dot)fujii(at)gmail(dot)com>:
> > > But pg_write_server_files users are not allowed to execute
> > > other functions like pg_file_write() by default. So doing that
> > > change only for pg_file_sync() looks strange to me.
>
> > Ah indeed. I'm wondering if that's an oversight of the original
> > default role patch or voluntary.
>
> It's not directly related to the patch, but as far as I read the
> manual below, I expected pg_write_server_files users could execute
> adminpack functions.
>
> | Table 21.1 Default Roles
> | pg_write_server_files: Allow writing to files in any location the database can access on the server with COPY and other file-access functions.
Actually, pg_write_server_files has enough privileges to execute those
functions anywhere on the FS as far as C code is concerned, provided
that the user running postgres daemon is allowed to (see
convert_and_check_filename), but won't be allowed to do so by default
as it won't have EXECUTE privilege on the functions.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Robert Haas | 2020-01-14 16:54:30 | Re: backup manifests |
| Previous Message | Robert Haas | 2020-01-14 16:02:13 | Re: our checks for read-only queries are not great |