From: | "Joe Conway" <joe(at)conway-family(dot)com> |
---|---|
To: | <pgsql-patches(at)postgresql(dot)org> |
Subject: | Re: Fw: Isn't pg_statistic a security hole - Solution Proposal |
Date: | 2001-06-02 22:14:41 |
Message-ID: | 00bd01c0ebb1$6ca8e280$0705a8c0@jecw2k1 |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers pgsql-patches |
> Thanks for the feedback! To summarize the recommended changes:
>
> - put function into backend/utils/adt/acl.c.
> - remove PG_FUNCTION_INFO_V1
> - mark 'proisstrict' in pg_proc
> - rename to has_table_privilege()
> - overload the function name for 6 versions (OIDs 1920 - 1925):
> -> has_table_privilege(text username, text relname, text priv)
> -> has_table_privilege(oid usesysid, text relname, text priv)
> -> has_table_privilege(oid usesysid, oid reloid, text priv)
> -> has_table_privilege(text username, oid reloid, text priv)
> -> has_table_privilege(text relname, text priv) /* assumes
> current_user */
> -> has_table_privilege(oid reloid, text priv) /* assumes
current_user
> */
>
Here's a new patch for has_table_privilege( . . .). One change worthy of
note is that I added a definition to fmgr.h as follows:
#define PG_NARGS (fcinfo->nargs)
This allowed me to use two of the new functions to handle both 2 and 3
argument cases. Also different from the above, I used int instead of oid for
the usesysid type.
I'm also attaching a test script and expected output. I haven't yet looked
at how to properly include these into the normal regression testing -- any
pointers are much appreciated.
Thanks,
-- Joe
Attachment | Content-Type | Size |
---|---|---|
test_has_table_priv.sql | application/octet-stream | 27.3 KB |
test_has_table_priv.out | application/octet-stream | 40.8 KB |
has_priv_r2.diff | application/octet-stream | 12.1 KB |
From | Date | Subject | |
---|---|---|---|
Next Message | Tom Lane | 2001-06-02 23:26:12 | Re: Fw: Isn't pg_statistic a security hole - Solution Proposal |
Previous Message | Tom Lane | 2001-06-02 21:11:00 | Re: Re: [GENERAL] +/- Inf for float8's |
From | Date | Subject | |
---|---|---|---|
Next Message | Tom Lane | 2001-06-02 23:26:12 | Re: Fw: Isn't pg_statistic a security hole - Solution Proposal |
Previous Message | Bruce Momjian | 2001-06-02 16:39:41 | Re: Re: AW: [HACKERS] Re: Support for %TYPE in CREATE FUNCTION |