
Re: Bug #428: Another security issue with the JDBC driver.

From: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>
To: David Daney <ddaney(at)avtrex(dot)com>
Cc: pgsql-bugs(at)postgresql(dot)org, PostgreSQL jdbc list <pgsql-jdbc(at)postgresql(dot)org>
Subject: Re: Bug #428: Another security issue with the JDBC driver.
Date: 2001-08-24 21:31:33
Message-ID: 200108242131.f7OLVXs04632@candle.pha.pa.us
Lists: pgsql-bugs, pgsql-jdbc, pgsql-patches
OK, re-added.

> I am sorry to keep going back and forth on this, but:
> 
> The original patch is correct and does the proper thing.  I should have 
> tested this before sounding the alarm.
> 
> AccessController.doPrivileged()
> 
> Propagates SecurityExceptions without wrapping them in a PrivilegedActionException so it appears that there is not the possibility of a ClassCastException.
> 
> David Daney.
> 
> 
> Bruce Momjian wrote:
> 
> >OK, patch removed from queue.
> >
> >>It is now unclear to me that the
> >>
> >>catch(PrivilegedActionException pae)
> >>
> >>part of the patch is correct.  If a SecurityException is thrown in 
> >>Socket() (as might happen if the policy file did not give the proper 
> >>permissions), then it might be converted into a ClassCastException, 
> >>which is probably the wrong thing to do.
> >>
> >>Perhaps I should look into this a bit further.
> >>
> >>David Daney.
> >>
> >>
> >>Bruce Momjian wrote:
> >>
> >>>Your patch has been added to the PostgreSQL unapplied patches list at:
> >>>
> >>>	http://candle.pha.pa.us/cgi-bin/pgpatches
> >>>
> >>>I will try to apply it within the next 48 hours.
> >>>
> >>>>David Daney (David(dot)Daney(at)avtrex(dot)com) reports a bug with a severity of 3
> >>>>The lower the number the more severe it is.
> >>>>
> >>>>Short Description
> >>>>Another security issue with the JDBC driver.
> >>>>
> >>>>Long Description
> >>>>The JDBC driver requires
> >>>>
> >>>> permission java.net.SocketPermission "host:port", "connect";
> >>>>
> >>>>in the policy file of the application using the JDBC driver 
> >>>>in the postgresql.jar file.  Since the Socket() call in the
> >>>>driver is not protected by AccessController.doPrivileged() this
> >>>>permission must also be granted to the entire application.
> >>>>
> >>>>The attached diff fixes it so that the connect permission can be
> >>>>restricted to just the postgresql.jar codeBase if desired.
> >>>>
> >>>>Sample Code
> >>>>*** PG_Stream.java.orig	Fri Aug 24 09:27:40 2001
> >>>>--- PG_Stream.java	Fri Aug 24 09:42:14 2001
> >>>>***************
> >>>>*** 5,10 ****
> >>>>--- 5,11 ----
> >>>> import java.net.*;
> >>>> import java.util.*;
> >>>> import java.sql.*;
> >>>>+ import java.security.*;
> >>>> import org.postgresql.*;
> >>>> import org.postgresql.core.*;
> >>>> import org.postgresql.util.*;
> >>>>***************
> >>>>*** 27,32 ****
> >>>>--- 28,52 ----
> >>>>     BytePoolDim1 bytePoolDim1 = new BytePoolDim1();
> >>>>     BytePoolDim2 bytePoolDim2 = new BytePoolDim2();
> >>>> 
> >>>>+    private static class PrivilegedSocket
> >>>>+       implements PrivilegedExceptionAction
> >>>>+    {
> >>>>+       private String host;
> >>>>+       private int port;
> >>>>+       
> >>>>+       PrivilegedSocket(String host, int port)
> >>>>+       {
> >>>>+          this.host = host;
> >>>>+          this.port = port;
> >>>>+       }
> >>>>+ 
> >>>>+       public Object run() throws Exception
> >>>>+       {
> >>>>+          return new Socket(host, port);
> >>>>+       }
> >>>>+    }
> >>>>+    
> >>>>+ 
> >>>>   /**
> >>>>    * Constructor:  Connect to the PostgreSQL back end and return
> >>>>    * a stream connection.
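Review bot: run() in PrivilegedSocket is declared "throws Exception", which is wider than its body needs. new Socket(host, port) raises only IOException as a checked exception, so declaring "public Object run() throws IOException" would make the later cast of pae.getException() to IOException safe by construction. The host and port fields are assigned once in the constructor and could be final.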
> >>>>***************
> >>>>*** 37,43 ****
> >>>>    */
> >>>>   public PG_Stream(String host, int port) throws IOException
> >>>>   {
> >>>>!     connection = new Socket(host, port);
> >>>> 
> >>>>     // Submitted by Jason Venner <jason(at)idiom(dot)com> adds a 10x speed
> >>>>     // improvement on FreeBSD machines (caused by a bug in their TCP Stack)
> >>>>--- 57,69 ----
> >>>>    */
> >>>>   public PG_Stream(String host, int port) throws IOException
> >>>>   {
> >>>>!      PrivilegedSocket ps = new PrivilegedSocket(host, port);
> >>>>!      try {
> >>>>!         connection = (Socket)AccessController.doPrivileged(ps);
> >>>>!      }
> >>>>!      catch(PrivilegedActionException pae){
> >>>>!         throw (IOException)pae.getException();
> >>>>!      }
> >>>> 
> >>>>     // Submitted by Jason Venner <jason(at)idiom(dot)com> adds a 10x speed
> >>>>     // improvement on FreeBSD machines (caused by a bug in their TCP Stack)
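Review bot: the catch block casts pae.getException() to IOException with nothing recording why that is safe. It holds only while PrivilegedSocket.run() throws no checked exception other than IOException, so a short comment here (or a narrower throws clause on run()) would keep a later edit from turning this into a ClassCastException. Separately, host and port go straight from the public constructor's arguments into doPrivileged, so every caller of PG_Stream connects with the jar's own SocketPermission; the policy grant for postgresql.jar should name the specific database host:port rather than a wildcard.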
> >>>>
> >>>>
> >>>>No file was uploaded with this report
> >>>>
> >>>>
> >>
> >
> 
> 

-- 
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman(at)candle(dot)pha(dot)pa(dot)us               |  (610) 853-3000
  +  If your life is a hard drive,     |  830 Blythe Avenue
  +  Christ can be your backup.        |  Drexel Hill, Pennsylvania 19026
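
The exception behaviour this thread settles on can be checked directly. The following is an added example, not code from the patch or the driver: the class name, `connect` and `outcome` are hypothetical, and the thrown exceptions are constructed stand-ins for what the privileged `run()` could raise.

```java
import java.io.IOException;
import java.security.AccessController;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;

// AccessController is deprecated for removal since Java 17; the warning is
// suppressed so the example compiles cleanly on current JDKs.
@SuppressWarnings("removal")
public class DoPrivilegedPropagation {

    // Same try/catch shape as the patched PG_Stream constructor.
    static Object connect(PrivilegedExceptionAction<Object> action) throws IOException {
        try {
            return AccessController.doPrivileged(action);
        } catch (PrivilegedActionException pae) {
            // Only checked exceptions thrown by run() are wrapped and land here.
            throw (IOException) pae.getException();
        }
    }

    // Reports the type of exception the caller of connect() ends up seeing.
    static String outcome(PrivilegedExceptionAction<Object> action) {
        try {
            connect(action);
            return "connected";
        } catch (IOException | RuntimeException e) {
            return e.getClass().getName();
        }
    }

    public static void main(String[] args) {
        // Checked IOException: wrapped by doPrivileged, unwrapped by the cast.
        System.out.println(outcome(() -> { throw new IOException("connect failed"); }));

        // SecurityException is unchecked: it propagates without being wrapped,
        // so the catch block and its cast are never reached.
        System.out.println(outcome(() -> { throw new SecurityException("connect denied"); }));

        // A checked exception that is not an IOException is the one case where
        // the cast fails with ClassCastException; new Socket(host, port) does
        // not throw one, which is why the original patch is correct.
        System.out.println(outcome(() -> { throw new Exception("other checked failure"); }));
    }
}
```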
