| From: | Ryan Murphy <ryanfmurphy(at)gmail(dot)com> |
|---|---|
| To: | pgsql-hackers(at)postgresql(dot)org |
| Cc: | Stephen Frost <sfrost(at)snowman(dot)net> |
| Subject: | Re: Add default role 'pg_access_server_files' |
| Date: | 2018-01-07 07:17:24 |
| Message-ID: | 151530944448.1766.9226544636589164640.pgcf@coridan.postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
The following review has been posted through the commitfest application:
make installcheck-world: tested, passed
Implements feature: tested, passed
Spec compliant: not tested
Documentation: tested, passed
I ran make installcheck-world and all tests passed except one that is a known issue with the way I have my environment setup (ecpg tests unrelated to this patch).
Manual tests I ran to see if it Implements the Feature:
1) confirmed that superuser can call pg_read_file() to read files in or out of data directory
2) confirmed that "tester" can call pg_read_file() only if given EXECUTE privilege
3) confirmed that "tester" can only call pg_read_file() on a file OUTSIDE of the data directory iff I "grant pg_access_server_files to tester;"
Documentation seems reasonable.
I believe this patch to be Ready for Committer.
The new status of this patch is: Ready for Committer
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Pavel Stehule | 2018-01-07 08:31:40 | Re: [HACKERS] plpgsql - additional extra checks |
| Previous Message | Ryan Murphy | 2018-01-07 06:54:00 | Re: Add default role 'pg_access_server_files' |