Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit026a91f

Browse files
committed
Move permissions check from do_pg_start_backup to pg_start_backup
And the same for do_pg_stop_backup. The code in do_pg_* is not allowedto access the catalogs. For manual base backups, the permissionscheck can be handled in the calling function, and for streamingbase backups only users with the required permissions can get pastthe authentication step in the first place.Reported by Antonin Houska, diagnosed by Andres Freund
1 parent773e4d5 commit026a91f

File tree

1 file changed

+16
-10
lines changed
  • src/backend/access/transam

1 file changed

+16
-10
lines changed

‎src/backend/access/transam/xlog.c

Lines changed: 16 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -8957,6 +8957,11 @@ pg_start_backup(PG_FUNCTION_ARGS)
89578957

89588958
backupidstr=text_to_cstring(backupid);
89598959

8960+
if (!superuser()&& !has_rolreplication(GetUserId()))
8961+
ereport(ERROR,
8962+
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
8963+
errmsg("must be superuser or replication role to run a backup")));
8964+
89608965
startpoint=do_pg_start_backup(backupidstr,fast,NULL);
89618966

89628967
snprintf(startxlogstr,sizeof(startxlogstr),"%X/%X",
@@ -8984,6 +8989,9 @@ pg_start_backup(PG_FUNCTION_ARGS)
89848989
*
89858990
* Every successfully started non-exclusive backup must be stopped by calling
89868991
* do_pg_stop_backup() or do_pg_abort_backup().
8992+
*
8993+
* It is the responsibility of the caller of this function to verify the
8994+
* permissions of the calling user!
89878995
*/
89888996
XLogRecPtr
89898997
do_pg_start_backup(constchar*backupidstr,boolfast,char**labelfile)
@@ -9000,11 +9008,6 @@ do_pg_start_backup(const char *backupidstr, bool fast, char **labelfile)
90009008
FILE*fp;
90019009
StringInfoDatalabelfbuf;
90029010

9003-
if (!superuser()&& !has_rolreplication(GetUserId()))
9004-
ereport(ERROR,
9005-
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
9006-
errmsg("must be superuser or replication role to run a backup")));
9007-
90089011
if (RecoveryInProgress())
90099012
ereport(ERROR,
90109013
(errcode(ERRCODE_OBJECT_NOT_IN_PREREQUISITE_STATE),
@@ -9241,6 +9244,11 @@ pg_stop_backup(PG_FUNCTION_ARGS)
92419244
XLogRecPtrstoppoint;
92429245
charstopxlogstr[MAXFNAMELEN];
92439246

9247+
if (!superuser()&& !has_rolreplication(GetUserId()))
9248+
ereport(ERROR,
9249+
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
9250+
errmsg("must be superuser or replication role to run a backup")));
9251+
92449252
stoppoint=do_pg_stop_backup(NULL, true);
92459253

92469254
snprintf(stopxlogstr,sizeof(stopxlogstr),"%X/%X",
@@ -9254,6 +9262,9 @@ pg_stop_backup(PG_FUNCTION_ARGS)
92549262
92559263
* If labelfile is NULL, this stops an exclusive backup. Otherwise this stops
92569264
* the non-exclusive backup specified by 'labelfile'.
9265+
*
9266+
* It is the responsibility of the caller of this function to verify the
9267+
* permissions of the calling user!
92579268
*/
92589269
XLogRecPtr
92599270
do_pg_stop_backup(char*labelfile,boolwaitforarchive)
@@ -9279,11 +9290,6 @@ do_pg_stop_backup(char *labelfile, bool waitforarchive)
92799290
boolreported_waiting= false;
92809291
char*remaining;
92819292

9282-
if (!superuser()&& !has_rolreplication(GetUserId()))
9283-
ereport(ERROR,
9284-
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
9285-
(errmsg("must be superuser or replication role to run a backup"))));
9286-
92879293
if (RecoveryInProgress())
92889294
ereport(ERROR,
92899295
(errcode(ERRCODE_OBJECT_NOT_IN_PREREQUISITE_STATE),

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp