From: | Mark Volpe <volpe(dot)mark(at)epa(dot)gov> |
---|---|
To: | pgsql-hackers(at)postgresql(dot)org |
Subject: | [PATCH] Re: Setuid functions |
Date: | 2001-06-21 15:24:44 |
Message-ID: | 3B3211BC.18D7517@epa.gov |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
Sorry, I have decided not to follow the SQL standard ;-) PRIVILEGE is spelled
correctly in my patch.
This patch will implement the "ENABLE PRIVILEGE" and "DISABLE PRIVILEGE"
commands in PL/pgSQL, which, respectively, change the effective uid to that
of the function owner and back. It doesn't break security (I hope). The
commands can be abbreviated as "ENABLE" and "DISABLE" for the poor saps that
have trouble with "PRIVILEGE" :) Easier than adding a setuid bit to the
catalog, no?
Apologies if the patch is not in the correct format. Apply with
patch -p1 < enable_disable.patch
in the tippety-top of the 7.1.2 tree.
Regression example:
CREATE USER sample_user;
CREATE TABLE test_log(stamp datetime);
GRANT SELECT ON test_log TO PUBLIC;
DROP FUNCTION test_enable();
CREATE FUNCTION test_enable() RETURNS boolean AS
'
DECLARE
user name;
BEGIN
user:=current_user;
RAISE NOTICE ''Username: %'', user;
ENABLE PRIVILEGE;
user:=current_user;
RAISE NOTICE ''Username: %'', user;
INSERT INTO test_log VALUES(''now''::text);
DISABLE PRIVILEGE; -- Actually unnecessary at the end of the function
RETURN TRUE;
END;
' LANGUAGE 'plpgsql';
\c - sample_user
SELECT test_enable();
SELECT * FROM test_log;
stamp
------------------------
2001-06-21 11:17:29-04
(Note current time logged into a table where sample_user could not normally
write)
Hope you will find this useful
- Mark
"Ross J. Reedstrom" wrote:
>
> Come on, Chris, you've never heard about SQL standard LEDGE? That's
> the nomenclature they chose to describe a collection of permissions:
> a SHELF or LEDGE. PUBLEDGE, USERLEDGE, PRIVLEDGE. So, the last is the
> PRIVATE LEDGE, reserved for the owner of the object whose access is
> being determined (or was that PRIVITHEDGE? now I'm confused)
>
> ... or something. ;-) Actually, not too far from how some of the SQL92
> standards docs actually seem to read, especially after falling asleep
> face down on the keyboard will trying to understand them, and having
> vivid dreams.
>
> Ross (who's in the office much too late, working on budget justifications
> for grants that are due tomorrow!)
>
> ---------------------------(end of broadcast)---------------------------
> TIP 2: you can get off all lists at once with the unregister command
> (send "unregister YourEmailAddressHere" to majordomo(at)postgresql(dot)org)
Attachment | Content-Type | Size |
---|---|---|
enable_disable.patch | text/plain | 7.9 KB |
From | Date | Subject | |
---|---|---|---|
Next Message | D'Arcy J.M. Cain | 2001-06-21 17:02:27 | COPY vs. INSERT |
Previous Message | Olivier PRENANT | 2001-06-21 14:55:13 | openssl+postgresql+unixware |