Re: [BUGS] Bug #428: Another security issue with the JDBC driver.

It is now unclear to me the the

catch(PrivilegedActionException pae)

part of the patch is correct. If a SecurityException is thrown in
Socket() (as might happen if the policy file did not give the proper
permissions), then it might be converted into a ClassCastException,
which is probably the wrong thing to do.

Perhaps I should look into this a bit further.

David Daney.

Bruce Momjian wrote:

>Your patch has been added to the PostgreSQL unapplied patches list at:
>
> http://candle.pha.pa.us/cgi-bin/pgpatches
>
>I will try to apply it within the next 48 hours.
>
>>David Daney (David(dot)Daney(at)avtrex(dot)com) reports a bug with a severity of 3
>>The lower the number the more severe it is.
>>
>>Short Description
>>Another security issue with the JDBC driver.
>>
>>Long Description
>>The JDBC driver requires
>>
>> permission java.net.SocketPermission "host:port", "connect";
>>
>>in the policy file of the application using the JDBC driver
>>in the postgresql.jar file. Since the Socket() call in the
>>driver is not protected by AccessController.doPrivileged() this
>>permission must also be granted to the entire application.
>>
>>The attached diff fixes it so that the connect permission can be
>>restricted just the the postgresql.jar codeBase if desired.
>>
>>Sample Code
>>*** PG_Stream.java.orig Fri Aug 24 09:27:40 2001
>>--- PG_Stream.java Fri Aug 24 09:42:14 2001
>>***************
>>*** 5,10 ****
>>--- 5,11 ----
>> import java.net.*;
>> import java.util.*;
>> import java.sql.*;
>>+ import java.security.*;
>> import org.postgresql.*;
>> import org.postgresql.core.*;
>> import org.postgresql.util.*;
>>***************
>>*** 27,32 ****
>>--- 28,52 ----
>> BytePoolDim1 bytePoolDim1 = new BytePoolDim1();
>> BytePoolDim2 bytePoolDim2 = new BytePoolDim2();
>>
>>+ private static class PrivilegedSocket
>>+ implements PrivilegedExceptionAction
>>+ {
>>+ private String host;
>>+ private int port;
>>+
>>+ PrivilegedSocket(String host, int port)
>>+ {
>>+ this.host = host;
>>+ this.port = port;
>>+ }
>>+
>>+ public Object run() throws Exception
>>+ {
>>+ return new Socket(host, port);
>>+ }
>>+ }
>>+
>>+
>> /**
>> * Constructor: Connect to the PostgreSQL back end and return
>> * a stream connection.
>>***************
>>*** 37,43 ****
>> */
>> public PG_Stream(String host, int port) throws IOException
>> {
>>! connection = new Socket(host, port);
>>
>> // Submitted by Jason Venner <jason(at)idiom(dot)com> adds a 10x speed
>> // improvement on FreeBSD machines (caused by a bug in their TCP Stack)
>>--- 57,69 ----
>> */
>> public PG_Stream(String host, int port) throws IOException
>> {
>>! PrivilegedSocket ps = new PrivilegedSocket(host, port);
>>! try {
>>! connection = (Socket)AccessController.doPrivileged(ps);
>>! }
>>! catch(PrivilegedActionException pae){
>>! throw (IOException)pae.getException();
>>! }
>>
>> // Submitted by Jason Venner <jason(at)idiom(dot)com> adds a 10x speed
>> // improvement on FreeBSD machines (caused by a bug in their TCP Stack)
>>
>>
>>No file was uploaded with this report
>>
>>
>>---------------------------(end of broadcast)---------------------------
>>TIP 5: Have you checked our extensive FAQ?
>>
>>http://www.postgresql.org/users-lounge/docs/faq.html
>>
>