pgsql: Allow granting SET and ALTER SYSTEM privileges on GUC parameters

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: pgsql-committers(at)lists(dot)postgresql(dot)org
Subject: pgsql: Allow granting SET and ALTER SYSTEM privileges on GUC parameters
Date: 2022-04-06 17:24:54
Message-ID: E1nc9On-000bor-Qs@gemulon.postgresql.org
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-committers

Allow granting SET and ALTER SYSTEM privileges on GUC parameters.

This patch allows "PGC_SUSET" parameters to be set by non-superusers
if they have been explicitly granted the privilege to do so.
The privilege to perform ALTER SYSTEM SET/RESET on a specific parameter
can also be granted.
Such privileges are cluster-wide, not per database. They are tracked
in a new shared catalog, pg_parameter_acl.

Granting and revoking these new privileges works as one would expect.
One caveat is that PGC_USERSET GUCs are unaffected by the SET privilege
--- one could wish that those were handled by a revocable grant to
PUBLIC, but they are not, because we couldn't make it robust enough
for GUCs defined by extensions.

Mark Dilger, reviewed at various times by Andrew Dunstan, Robert Haas,
Joshua Brindle, and myself

Discussion: https://postgr.es/m/3D691E20-C1D5-4B80-8BA5-6BEB63AF3029@enterprisedb.com

Branch
------
master

Details
-------
https://git.postgresql.org/pg/commitdiff/a0ffa885e478f5eeacc4e250e35ce25a4740c487

Modified Files
--------------
doc/src/sgml/catalogs.sgml | 77 ++-
doc/src/sgml/config.sgml | 150 ++++--
doc/src/sgml/ddl.sgml | 44 +-
doc/src/sgml/func.sgml | 24 +-
doc/src/sgml/ref/alter_system.sgml | 3 +-
doc/src/sgml/ref/drop_owned.sgml | 4 +-
doc/src/sgml/ref/grant.sgml | 17 +-
doc/src/sgml/ref/pg_dumpall.sgml | 3 +-
doc/src/sgml/ref/revoke.sgml | 7 +
doc/src/sgml/ref/set.sgml | 6 +-
src/backend/catalog/Makefile | 4 +-
src/backend/catalog/aclchk.c | 357 +++++++++++++-
src/backend/catalog/catalog.c | 36 +-
src/backend/catalog/dependency.c | 6 +
src/backend/catalog/objectaddress.c | 71 +++
src/backend/catalog/pg_parameter_acl.c | 118 +++++
src/backend/commands/alter.c | 1 +
src/backend/commands/event_trigger.c | 5 +
src/backend/commands/seclabel.c | 1 +
src/backend/commands/tablecmds.c | 1 +
src/backend/parser/gram.y | 46 +-
src/backend/utils/adt/acl.c | 114 +++++
src/backend/utils/cache/syscache.c | 23 +
src/backend/utils/misc/guc.c | 146 +++++-
src/bin/pg_dump/dumputils.c | 7 +-
src/bin/pg_dump/pg_dumpall.c | 65 +++
src/bin/psql/tab-complete.c | 78 ++-
src/include/catalog/catversion.h | 2 +-
src/include/catalog/dependency.h | 1 +
src/include/catalog/objectaccess.h | 2 +-
src/include/catalog/pg_parameter_acl.h | 62 +++
src/include/catalog/pg_proc.dat | 16 +
src/include/nodes/parsenodes.h | 5 +-
src/include/parser/kwlist.h | 1 +
src/include/utils/acl.h | 11 +-
src/include/utils/guc.h | 2 +
src/include/utils/syscache.h | 2 +
.../test_oat_hooks/expected/test_oat_hooks.out | 215 ++++++---
.../modules/test_oat_hooks/sql/test_oat_hooks.sql | 49 +-
src/test/modules/test_oat_hooks/test_oat_hooks.c | 80 +++-
src/test/modules/test_pg_dump/t/001_base.pl | 32 ++
src/test/modules/unsafe_tests/Makefile | 2 +-
.../modules/unsafe_tests/expected/guc_privs.out | 526 +++++++++++++++++++++
src/test/modules/unsafe_tests/sql/guc_privs.sql | 237 ++++++++++
44 files changed, 2465 insertions(+), 194 deletions(-)

Browse pgsql-committers by date

  From Date Subject
Next Message Andrew Dunstan 2022-04-06 17:54:49 pgsql: Further improve jsonb_sqljson parallel test
Previous Message Tom Lane 2022-04-06 15:20:02 Re: pgsql: Reduce running time of jsonb_sqljson test