Re: pg_hba.conf editing question

2014-07-19 18:11 GMT+02:00 Scott Furry <scott(dot)wl(dot)furry(at)gmail(dot)com>:

> I am working with the pgAdmin git source and I am having trouble
> understanding the adminpack functions being used.
>
> In the file pgadmin/frm/frmHbaConfig.cpp, the pg_hba.conf edit form
> constructor appears to get the absolute path to the configuration file and
> stores this value in "serverFileName" ("SHOW hba_file"). The value is then
> used to few lines down in a call to "SELECT pg_file_read(...)".
>
> Net Search suggests that pg_file_read can be used to access files in the
> pg data/log directories only. Experimenting on my localhost, any attempt to
> use a "../" or and absolute path results in an error.
>
> What I'm having a problem understanding is how the pg_file_read function
> can work in this context. I can access files in the data directory nicely,
> but emulating the queries being used in the pgAdmin code will not work.
> What magic was built into the code to get around the absolute path security?
>
>
No magic. pg_file_read() calls pg_read_file. Here is the main comment of
this function:

/*¬
* Convert a "text" filename argument to C string, and check it's
allowable.¬
*¬
* Filename may be absolute or relative to the DataDir, but we only allow¬
* absolute paths that match DataDir or Log_directory.¬
*/¬

So the path may be absolute but, in such a case, it must contain the data
directory.

--
Guillaume.
http://blog.guillaume.lelarge.info
http://www.dalibo.com