| From: | Jeff Davis <jdavis(at)postgresql(dot)org> |
|---|---|
| To: | pgsql-committers(at)lists(dot)postgresql(dot)org |
| Subject: | pgsql: Re-validate connection string in libpqrcv_connect(). |
| Date: | 2024-01-12 21:43:00 |
| Message-ID: | E1rOPIq-001842-VG@gemulon.postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers |
Re-validate connection string in libpqrcv_connect().
A superuser may create a subscription with password_required=true, but
which uses a connection string without a password.
Previously, if the owner of such a subscription was changed to a
non-superuser, the non-superuser was able to utilize a password from
another source (like a password file or the PGPASSWORD environment
variable), which should not have been allowed.
This commit adds a step to re-validate the connection string before
connecting.
Reported-by: Jeff Davis
Author: Vignesh C
Reviewed-by: Peter Smith, Robert Haas, Amit Kapila
Discussion: https://www.postgresql.org/message-id/flat/e5892973ae2a80a1a3e0266806640dae3c428100.camel%40j-davis.com
Backpatch-through: 16
Branch
------
master
Details
-------
https://git.postgresql.org/pg/commitdiff/5c31669058b5550b4b3d623c07bc4203c11b8316
Modified Files
--------------
doc/src/sgml/ref/create_subscription.sgml | 11 +--
.../libpqwalreceiver/libpqwalreceiver.c | 9 +++
src/test/subscription/t/027_nosuperuser.pl | 80 ++++++++++++++++++++++
3 files changed, 95 insertions(+), 5 deletions(-)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jeff Davis | 2024-01-12 21:43:12 | pgsql: Re-validate connection string in libpqrcv_connect(). |
| Previous Message | Peter Eisentraut | 2024-01-12 15:18:22 | pgsql: Refactor ATExecAddColumn() to use BuildDescForRelation() |