Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit6dc2496

Browse files
committed
Code cleanup of user name and user id handling in the backend. The current
user is now defined in terms of the user id, the user name is only computedupon request (for display purposes). This is kind of the opposite of theprevious state, which would maintain the user name and compute the user idfor permission checks.Besides perhaps saving a few cycles (integer vs string), this now creates asingle point of attack for changing the user id during a connection, forpurposes of "setuid" functions, etc.
1 parentdaf1e3a commit6dc2496

File tree

28 files changed

+217
-278
lines changed

28 files changed

+217
-278
lines changed

‎src/backend/bootstrap/bootstrap.c

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
* Portions Copyright (c) 1994, Regents of the University of California
99
*
1010
* IDENTIFICATION
11-
* $Header: /cvsroot/pgsql/src/backend/bootstrap/bootstrap.c,v 1.92 2000/08/03 19:19:06 tgl Exp $
11+
* $Header: /cvsroot/pgsql/src/backend/bootstrap/bootstrap.c,v 1.93 2000/09/06 14:15:14 petere Exp $
1212
*
1313
*-------------------------------------------------------------------------
1414
*/
@@ -355,7 +355,7 @@ BootstrapMain(int argc, char *argv[])
355355
/*
356356
* backend initialization
357357
*/
358-
InitPostgres(dbName);
358+
InitPostgres(dbName,NULL);
359359
LockDisable(true);
360360

361361
if (IsUnderPostmaster&& !xloginit)

‎src/backend/catalog/aclchk.c

Lines changed: 39 additions & 38 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
*
99
*
1010
* IDENTIFICATION
11-
* $Header: /cvsroot/pgsql/src/backend/catalog/aclchk.c,v 1.39 2000/07/31 22:39:13 tgl Exp $
11+
* $Header: /cvsroot/pgsql/src/backend/catalog/aclchk.c,v 1.40 2000/09/06 14:15:15 petere Exp $
1212
*
1313
* NOTES
1414
* See acl.h.
@@ -355,21 +355,22 @@ aclcheck(char *relname, Acl *acl, AclId id, AclIdType idtype, AclMode mode)
355355
}
356356

357357
int32
358-
pg_aclcheck(char*relname,char*usename,AclModemode)
358+
pg_aclcheck(char*relname,Oiduserid,AclModemode)
359359
{
360360
HeapTupletuple;
361-
AclIdid;
362361
Acl*acl= (Acl*)NULL;
363362
int32result;
363+
char*usename;
364364
Relationrelation;
365365

366-
tuple=SearchSysCacheTuple(SHADOWNAME,
367-
PointerGetDatum(usename),
366+
tuple=SearchSysCacheTuple(SHADOWSYSID,
367+
ObjectIdGetDatum(userid),
368368
0,0,0);
369369
if (!HeapTupleIsValid(tuple))
370-
elog(ERROR,"pg_aclcheck: user \"%s\" not found",
371-
usename);
372-
id= (AclId) ((Form_pg_shadow)GETSTRUCT(tuple))->usesysid;
370+
elog(ERROR,"pg_aclcheck: invalid user id %u",
371+
(unsigned)userid);
372+
373+
usename=NameStr(((Form_pg_shadow)GETSTRUCT(tuple))->usename);
373374

374375
/*
375376
* Deny anyone permission to update a system catalog unless
@@ -445,28 +446,28 @@ pg_aclcheck(char *relname, char *usename, AclMode mode)
445446
}
446447
heap_close(relation,RowExclusiveLock);
447448
#endif
448-
result=aclcheck(relname,acl,id, (AclIdType)ACL_IDTYPE_UID,mode);
449+
result=aclcheck(relname,acl,userid, (AclIdType)ACL_IDTYPE_UID,mode);
449450
if (acl)
450451
pfree(acl);
451452
returnresult;
452453
}
453454

454455
int32
455-
pg_ownercheck(constchar*usename,
456+
pg_ownercheck(Oiduserid,
456457
constchar*value,
457458
intcacheid)
458459
{
459460
HeapTupletuple;
460-
AclIduser_id,
461-
owner_id=0;
461+
AclIdowner_id=0;
462+
char*usename;
462463

463-
tuple=SearchSysCacheTuple(SHADOWNAME,
464-
PointerGetDatum(usename),
464+
tuple=SearchSysCacheTuple(SHADOWSYSID,
465+
ObjectIdGetDatum(userid),
465466
0,0,0);
466467
if (!HeapTupleIsValid(tuple))
467-
elog(ERROR,"pg_ownercheck: user\"%s\" not found",
468-
usename);
469-
user_id=(AclId)((Form_pg_shadow)GETSTRUCT(tuple))->usesysid;
468+
elog(ERROR,"pg_ownercheck:invaliduserid %u",
469+
(unsigned)userid);
470+
usename=NameStr(((Form_pg_shadow)GETSTRUCT(tuple))->usename);
470471

471472
/*
472473
* Superusers bypass all permission-checking.
@@ -513,26 +514,26 @@ pg_ownercheck(const char *usename,
513514
break;
514515
}
515516

516-
returnuser_id==owner_id;
517+
returnuserid==owner_id;
517518
}
518519

519520
int32
520-
pg_func_ownercheck(char*usename,
521+
pg_func_ownercheck(Oiduserid,
521522
char*funcname,
522523
intnargs,
523524
Oid*arglist)
524525
{
525526
HeapTupletuple;
526-
AclIduser_id,
527-
owner_id;
527+
AclIdowner_id;
528+
char*username;
528529

529-
tuple=SearchSysCacheTuple(SHADOWNAME,
530-
PointerGetDatum(usename),
530+
tuple=SearchSysCacheTuple(SHADOWSYSID,
531+
ObjectIdGetDatum(userid),
531532
0,0,0);
532533
if (!HeapTupleIsValid(tuple))
533-
elog(ERROR,"pg_func_ownercheck: user\"%s\" not found",
534-
usename);
535-
user_id=(AclId)((Form_pg_shadow)GETSTRUCT(tuple))->usesysid;
534+
elog(ERROR,"pg_func_ownercheck:invaliduserid %u",
535+
(unsigned)userid);
536+
username=NameStr(((Form_pg_shadow)GETSTRUCT(tuple))->usename);
536537

537538
/*
538539
* Superusers bypass all permission-checking.
@@ -541,7 +542,7 @@ pg_func_ownercheck(char *usename,
541542
{
542543
#ifdefACLDEBUG_TRACE
543544
elog(DEBUG,"pg_ownercheck: user \"%s\" is superuser",
544-
usename);
545+
username);
545546
#endif
546547
return1;
547548
}
@@ -556,25 +557,25 @@ pg_func_ownercheck(char *usename,
556557

557558
owner_id= ((Form_pg_proc)GETSTRUCT(tuple))->proowner;
558559

559-
returnuser_id==owner_id;
560+
returnuserid==owner_id;
560561
}
561562

562563
int32
563-
pg_aggr_ownercheck(char*usename,
564+
pg_aggr_ownercheck(Oiduserid,
564565
char*aggname,
565566
OidbasetypeID)
566567
{
567568
HeapTupletuple;
568-
AclIduser_id,
569-
owner_id;
569+
AclIdowner_id;
570+
char*username;
570571

571-
tuple=SearchSysCacheTuple(SHADOWNAME,
572-
PointerGetDatum(usename),
572+
tuple=SearchSysCacheTuple(SHADOWSYSID,
573+
PointerGetDatum(userid),
573574
0,0,0);
574575
if (!HeapTupleIsValid(tuple))
575-
elog(ERROR,"pg_aggr_ownercheck: user\"%s\" not found",
576-
usename);
577-
user_id=(AclId)((Form_pg_shadow)GETSTRUCT(tuple))->usesysid;
576+
elog(ERROR,"pg_aggr_ownercheck:invaliduserid %u",
577+
(unsigned)userid);
578+
username=NameStr(((Form_pg_shadow)GETSTRUCT(tuple))->usename);
578579

579580
/*
580581
* Superusers bypass all permission-checking.
@@ -583,7 +584,7 @@ pg_aggr_ownercheck(char *usename,
583584
{
584585
#ifdefACLDEBUG_TRACE
585586
elog(DEBUG,"pg_aggr_ownercheck: user \"%s\" is superuser",
586-
usename);
587+
username);
587588
#endif
588589
return1;
589590
}
@@ -598,5 +599,5 @@ pg_aggr_ownercheck(char *usename,
598599

599600
owner_id= ((Form_pg_aggregate)GETSTRUCT(tuple))->aggowner;
600601

601-
returnuser_id==owner_id;
602+
returnuserid==owner_id;
602603
}

‎src/backend/commands/analyze.c

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
*
99
*
1010
* IDENTIFICATION
11-
* $Header: /cvsroot/pgsql/src/backend/commands/analyze.c,v 1.5 2000/08/21 17:22:32 tgl Exp $
11+
* $Header: /cvsroot/pgsql/src/backend/commands/analyze.c,v 1.6 2000/09/06 14:15:16 petere Exp $
1212
*
1313
1414
*-------------------------------------------------------------------------
@@ -99,7 +99,7 @@ analyze_rel(Oid relid, List *anal_cols2, int MESSAGE_LEVEL)
9999
onerel=heap_open(relid,AccessShareLock);
100100

101101
#ifndefNO_SECURITY
102-
if (!pg_ownercheck(GetPgUserName(),RelationGetRelationName(onerel),
102+
if (!pg_ownercheck(GetUserId(),RelationGetRelationName(onerel),
103103
RELNAME))
104104
{
105105
/* we already did an elog during vacuum

‎src/backend/commands/command.c

Lines changed: 8 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
*
99
*
1010
* IDENTIFICATION
11-
* $Header: /cvsroot/pgsql/src/backend/commands/Attic/command.c,v 1.97 2000/08/29 04:20:43 momjian Exp $
11+
* $Header: /cvsroot/pgsql/src/backend/commands/Attic/command.c,v 1.98 2000/09/06 14:15:16 petere Exp $
1212
*
1313
* NOTES
1414
* The PerformAddAttribute() code, like most of the relation
@@ -308,7 +308,7 @@ AlterTableAddColumn(const char *relationName,
308308
elog(ERROR,"ALTER TABLE: relation \"%s\" is a system catalog",
309309
relationName);
310310
#ifndefNO_SECURITY
311-
if (!pg_ownercheck(UserName,relationName,RELNAME))
311+
if (!pg_ownercheck(GetUserId(),relationName,RELNAME))
312312
elog(ERROR,"ALTER TABLE: permission denied");
313313
#endif
314314

@@ -523,7 +523,7 @@ AlterTableAlterColumn(const char *relationName,
523523
elog(ERROR,"ALTER TABLE: relation \"%s\" is a system catalog",
524524
relationName);
525525
#ifndefNO_SECURITY
526-
if (!pg_ownercheck(UserName,relationName,RELNAME))
526+
if (!pg_ownercheck(GetUserId(),relationName,RELNAME))
527527
elog(ERROR,"ALTER TABLE: permission denied");
528528
#endif
529529

@@ -935,7 +935,7 @@ AlterTableDropColumn(const char *relationName,
935935
elog(ERROR,"ALTER TABLE: relation \"%s\" is a system catalog",
936936
relationName);
937937
#ifndefNO_SECURITY
938-
if (!pg_ownercheck(UserName,relationName,RELNAME))
938+
if (!pg_ownercheck(GetUserId(),relationName,RELNAME))
939939
elog(ERROR,"ALTER TABLE: permission denied");
940940
#endif
941941

@@ -1095,7 +1095,7 @@ AlterTableAddConstraint(char *relationName,
10951095
elog(ERROR,"ALTER TABLE / ADD CONSTRAINT passed invalid constraint.");
10961096

10971097
#ifndefNO_SECURITY
1098-
if (!pg_ownercheck(UserName,relationName,RELNAME))
1098+
if (!pg_ownercheck(GetUserId(),relationName,RELNAME))
10991099
elog(ERROR,"ALTER TABLE: permission denied");
11001100
#endif
11011101

@@ -1484,7 +1484,7 @@ AlterTableCreateToastTable(const char *relationName, bool silent)
14841484
* permissions checking. XXX exactly what is appropriate here?
14851485
*/
14861486
#ifndefNO_SECURITY
1487-
if (!pg_ownercheck(UserName,relationName,RELNAME))
1487+
if (!pg_ownercheck(GetUserId(),relationName,RELNAME))
14881488
elog(ERROR,"ALTER TABLE: permission denied");
14891489
#endif
14901490

@@ -1723,9 +1723,9 @@ LockTableCommand(LockStmt *lockstmt)
17231723
rel=heap_openr(lockstmt->relname,NoLock);
17241724

17251725
if (lockstmt->mode==AccessShareLock)
1726-
aclresult=pg_aclcheck(lockstmt->relname,GetPgUserName(),ACL_RD);
1726+
aclresult=pg_aclcheck(lockstmt->relname,GetUserId(),ACL_RD);
17271727
else
1728-
aclresult=pg_aclcheck(lockstmt->relname,GetPgUserName(),ACL_WR);
1728+
aclresult=pg_aclcheck(lockstmt->relname,GetUserId(),ACL_WR);
17291729

17301730
if (aclresult!=ACLCHECK_OK)
17311731
elog(ERROR,"LOCK TABLE: permission denied");

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp