| From: | Michael Paquier <michael(at)paquier(dot)xyz> |
|---|---|
| To: | Postgres hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Cc: | Fujii Masao <masao(dot)fujii(at)oss(dot)nttdata(dot)com> |
| Subject: | Misplaced superuser check in pg_log_backend_memory_contexts() |
| Date: | 2021-06-06 06:53:10 |
| Message-ID: | YLxw1uVGIAP5uMPl@paquier.xyz |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hi all,
While reading the code of pg_log_backend_memory_contexts(), I have
been surprised to see that the code would attempt to look at a PROC
entry based on the given input PID *before* checking if the function
has been called by a superuser. This does not strike me as a good
idea as this allows any users to call this function and to take
ProcArrayLock in shared mode, freely.
It seems to me that we had better check for a superuser at the
beginning of the function, like in the attached.
Thanks,
--
Michael
| Attachment | Content-Type | Size |
|---|---|---|
| log-backend-superuser.patch | text/x-diff | 1.1 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Julien Rouhaud | 2021-06-06 07:13:12 | Re: Misplaced superuser check in pg_log_backend_memory_contexts() |
| Previous Message | Julien Rouhaud | 2021-06-06 06:50:19 | Re: Hook for extensible parsing. |