Quick Links

pgsql: Refactor permissions checks for large objects.

From:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To:	pgsql-committers(at)postgresql(dot)org
Subject:	pgsql: Refactor permissions checks for large objects.
Date:	2017-11-09 17:56:15
Message-ID:	E1eCr3n-0004y6-Rh@gemulon.postgresql.org
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-committers

Refactor permissions checks for large objects.

Up to now, ACL checks for large objects happened at the level of
the SQL-callable functions, which led to CVE-2017-7548 because of a
missing check. Push them down to be enforced in inv_api.c as much
as possible, in hopes of preventing future bugs. This does have the
effect of moving read and write permission errors to happen at lo_open
time not loread or lowrite time, but that seems acceptable.

Michael Paquier and Tom Lane

Discussion: https://postgr.es/m/CAB7nPqRHmNOYbETnc_2EjsuzSM00Z+BWKv9sy6tnvSd5gWT_JA@mail.gmail.com

Branch
------
master

Details
-------
https://git.postgresql.org/pg/commitdiff/ae20b23a9e7029f31ee902da08a464d968319f56

Modified Files
--------------
src/backend/catalog/objectaddress.c | 2 +-
src/backend/libpq/be-fsstubs.c | 88 +++++------------------
src/backend/storage/large_object/inv_api.c | 108 +++++++++++++++++++++++------
src/backend/utils/misc/guc.c | 12 ++--
src/include/libpq/be-fsstubs.h | 5 --
src/include/storage/large_object.h | 13 ++--
6 files changed, 117 insertions(+), 111 deletions(-)

Browse pgsql-committers by date

	From	Date	Subject
Next Message	Peter Eisentraut	2017-11-09 22:12:42	pgsql: Remove junk left from DSSSL to XSL conversion
Previous Message	Tom Lane	2017-11-09 16:57:49	pgsql: Fix typo in ALTER SYSTEM output.