| From: | Jeff Davis <jdavis(at)postgresql(dot)org> |
|---|---|
| To: | pgsql-committers(at)lists(dot)postgresql(dot)org |
| Subject: | pgsql: Re-validate connection string in libpqrcv_connect(). |
| Date: | 2024-01-12 21:43:12 |
| Message-ID: | E1rOPJ2-00184d-Md@gemulon.postgresql.org |
| Lists: | pgsql-committers |
Re-validate connection string in libpqrcv_connect().

A superuser may create a subscription with password_required=true, but
which uses a connection string without a password.

Previously, if the owner of such a subscription was changed to a
non-superuser, the non-superuser was able to utilize a password from
another source (like a password file or the PGPASSWORD environment
variable), which should not have been allowed.

This commit adds a step to re-validate the connection string before
connecting.

Reported-by: Jeff Davis
Author: Vignesh C
Reviewed-by: Peter Smith, Robert Haas, Amit Kapila
Discussion: https://www.postgresql.org/message-id/flat/e5892973ae2a80a1a3e0266806640dae3c428100.camel%40j-davis.com
Backpatch-through: 16

Branch
------
REL_16_STABLE

Details
-------
https://git.postgresql.org/pg/commitdiff/4c03ac7e2bc46988fe4ecf3b1aef393488786f12

Modified Files
--------------
doc/src/sgml/ref/create_subscription.sgml | 11 +--
.../libpqwalreceiver/libpqwalreceiver.c | 9 +++
src/test/subscription/t/027_nosuperuser.pl | 80 ++++++++++++++++++++++
3 files changed, 95 insertions(+), 5 deletions(-)
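
An added example, not part of the commit or of PostgreSQL's source: a simplified C model of why the check has to run again at connect time, since the owner can change after the connection string was first validated. The Subscription struct, conninfo_allowed(), the hand-written keyword=value scan and the sample connection string are constructed for illustration; the rule that the password requirement binds only non-superuser owners is an assumption drawn from the commit message above.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

/* Simplified keyword=value scan; not libpq's parser, URIs are not handled.
 * True if the last "password" setting in the string has a non-empty value. */
static bool conninfo_has_password(const char *s)
{
    bool found = false;
    for (;;) {
        while (isspace((unsigned char) *s)) s++;
        const char *key = s;
        while (*s && *s != '=' && !isspace((unsigned char) *s)) s++;
        size_t klen = (size_t) (s - key);
        while (isspace((unsigned char) *s)) s++;
        if (*s != '=') return klen == 0 && found; /* end of input, or malformed */
        s++;
        while (isspace((unsigned char) *s)) s++;
        bool quoted = (*s == '\'');
        size_t vlen = 0;
        if (quoted) s++;
        while (*s && (quoted ? *s != '\'' : !isspace((unsigned char) *s))) {
            if (*s == '\\' && s[1]) s++;          /* backslash escapes next char */
            s++; vlen++;
        }
        if (quoted && *s++ != '\'') return false; /* unterminated quote */
        if (klen == 8 && strncmp(key, "password", 8) == 0) found = vlen > 0;
    }
}

/* Hypothetical model of a subscription; the field names are assumptions. */
typedef struct { bool password_required; bool owner_is_superuser; const char *conninfo; } Subscription;

/* The check itself. Its answer depends on the current owner, so a result
 * computed at CREATE/ALTER time can be stale by the time of the connection. */
static bool conninfo_allowed(const Subscription *sub)
{
    bool must_use_password = sub->password_required && !sub->owner_is_superuser;
    return !must_use_password || conninfo_has_password(sub->conninfo);
}

int main(void)
{
    Subscription sub = { true, true, "host=pub.example dbname=app user=repl" }; /* constructed */
    bool at_create = conninfo_allowed(&sub);   /* superuser owner: accepted */
    sub.owner_is_superuser = false;            /* owner changed to a non-superuser */
    bool at_connect = conninfo_allowed(&sub);  /* re-validation now rejects it */
    return (at_create && !at_connect) ? 0 : 1;
}
```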