| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | pgsql-committers(at)postgresql(dot)org |
| Subject: | pgsql: Document changes in large-object privilege checking. |
| Date: | 2017-11-14 17:33:15 |
| Message-ID: | E1eEf5H-0001dC-Hs@gemulon.postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers |
Document changes in large-object privilege checking.
Commit 5ecc0d738 removed the hard-wired superuser checks in lo_import
and lo_export in favor of protecting them with SQL permissions, but
failed to adjust the documentation to match. Fix that, and add a
<caution> paragraph pointing out the nontrivial security hazards
involved with actually granting such permissions. (It's still better
than ALLOW_DANGEROUS_LO_FUNCTIONS, though.)
Also, commit ae20b23a9 caused large object read/write privilege to
be checked during lo_open() rather than in the actual read or write
calls. Document that.
Discussion: https://postgr.es/m/CAB7nPqRHmNOYbETnc_2EjsuzSM00Z+BWKv9sy6tnvSd5gWT_JA@mail.gmail.com
Branch
------
master
Details
-------
https://git.postgresql.org/pg/commitdiff/6d776522d243d38faca6924d9b3c7cfaf0c4860d
Modified Files
--------------
doc/src/sgml/config.sgml | 3 ---
doc/src/sgml/lobj.sgml | 42 ++++++++++++++++++++++++++++++++++++++----
2 files changed, 38 insertions(+), 7 deletions(-)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2017-11-14 18:47:08 | pgsql: Rearrange c.h to create a "compiler characteristics" section. |
| Previous Message | Alvaro Herrera | 2017-11-14 14:37:59 | pgsql: Simplify index_[constraint_]create API |