From: | Ryan Murphy <ryanfmurphy(at)gmail(dot)com> |
---|---|
To: | pgsql-hackers(at)postgresql(dot)org |
Cc: | Stephen Frost <sfrost(at)snowman(dot)net> |
Subject: | Re: Add default role 'pg_access_server_files' |
Date: | 2018-01-07 07:17:24 |
Message-ID: | 151530944448.1766.9226544636589164640.pgcf@coridan.postgresql.org |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
The following review has been posted through the commitfest application:
make installcheck-world: tested, passed
Implements feature: tested, passed
Spec compliant: not tested
Documentation: tested, passed
I ran make installcheck-world and all tests passed except one that is a known issue with the way I have my environment setup (ecpg tests unrelated to this patch).
Manual tests I ran to see if it Implements the Feature:
1) confirmed that superuser can call pg_read_file() to read files in or out of data directory
2) confirmed that "tester" can call pg_read_file() only if given EXECUTE privilege
3) confirmed that "tester" can only call pg_read_file() on a file OUTSIDE of the data directory iff I "grant pg_access_server_files to tester;"
Documentation seems reasonable.
I believe this patch to be Ready for Committer.
The new status of this patch is: Ready for Committer
From | Date | Subject | |
---|---|---|---|
Next Message | Pavel Stehule | 2018-01-07 08:31:40 | Re: [HACKERS] plpgsql - additional extra checks |
Previous Message | Ryan Murphy | 2018-01-07 06:54:00 | Re: Add default role 'pg_access_server_files' |