Commit 91c2755

Move permissions check from do_pg_start_backup to pg_start_backup

And the same for do_pg_stop_backup. The code in do_pg_* is not allowed to access the catalogs. For manual base backups, the permissions check can be handled in the calling function, and for streaming base backups only users with the required permissions can get past the authentication step in the first place.

Reported by Antonin Houska, diagnosed by Andres Freund

1 parent 0463b94 commit 91c2755

2 files changed, +16 -10 lines changed

‎src/backend/access/transam/xlog.c

Lines changed: 6 additions & 10 deletions
Original file line number | Diff line number | Diff line change
@@ -8444,6 +8444,9 @@ XLogFileNameP(TimeLineID tli, XLogSegNo segno)
84448444
*
84458445
* Every successfully started non-exclusive backup must be stopped by calling
84468446
* do_pg_stop_backup() or do_pg_abort_backup().
8447+
*
8448+
* It is the responsibility of the caller of this function to verify the
8449+
* permissions of the calling user!
84478450
*/
84488451
XLogRecPtr
84498452
do_pg_start_backup(constchar*backupidstr,boolfast,TimeLineID*starttli_p,
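Review bot: The new header comment on do_pg_start_backup() states that the caller must verify permissions, but not which check is expected or why it cannot live in this function. Consider spelling it out, for example that callers must verify superuser or replication privilege before calling because the do_pg_* code is not allowed to access the catalogs, so that a future caller neither skips the check nor adds it back here.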
@@ -8464,11 +8467,6 @@ do_pg_start_backup(const char *backupidstr, bool fast, TimeLineID *starttli_p,
84648467

84658468
backup_started_in_recovery=RecoveryInProgress();
84668469

8467-
if (!superuser()&& !has_rolreplication(GetUserId()))
8468-
ereport(ERROR,
8469-
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
8470-
errmsg("must be superuser or replication role to run a backup")));
8471-
84728470
/*
84738471
* Currently only non-exclusive backup can be taken during recovery.
84748472
*/
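Review bot: With the `!superuser() && !has_rolreplication(GetUserId())` test removed, do_pg_start_backup() no longer enforces any privilege itself, and pg_start_backup() is the only caller updated in this patch. The commit message relies on the authentication step for the streaming base backup path, but that caller is not part of the diff; please confirm every remaining caller is covered, and consider naming the callers in the function comment so the dependency is visible at the point where the check used to be.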
@@ -8770,6 +8768,9 @@ pg_start_backup_callback(int code, Datum arg)
87708768
*
87718769
* Returns the last WAL position that must be present to restore from this
87728770
* backup, and the corresponding timeline ID in *stoptli_p.
8771+
*
8772+
* It is the responsibility of the caller of this function to verify the
8773+
* permissions of the calling user!
87738774
*/
87748775
XLogRecPtr
87758776
do_pg_stop_backup(char*labelfile,boolwaitforarchive,TimeLineID*stoptli_p)
@@ -8802,11 +8803,6 @@ do_pg_stop_backup(char *labelfile, bool waitforarchive, TimeLineID *stoptli_p)
88028803

88038804
backup_started_in_recovery=RecoveryInProgress();
88048805

8805-
if (!superuser()&& !has_rolreplication(GetUserId()))
8806-
ereport(ERROR,
8807-
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
8808-
(errmsg("must be superuser or replication role to run a backup"))));
8809-
88108806
/*
88118807
* Currently only non-exclusive backup can be taken during recovery.
88128808
*/

‎src/backend/access/transam/xlogfuncs.c

Lines changed: 10 additions & 0 deletions
Original file line number | Diff line number | Diff line change
@@ -56,6 +56,11 @@ pg_start_backup(PG_FUNCTION_ARGS)
5656

5757
backupidstr=text_to_cstring(backupid);
5858

59+
if (!superuser()&& !has_rolreplication(GetUserId()))
60+
ereport(ERROR,
61+
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
62+
errmsg("must be superuser or replication role to run a backup")));
63+
5964
startpoint=do_pg_start_backup(backupidstr,fast,NULL,NULL);
6065

6166
snprintf(startxlogstr,sizeof(startxlogstr),"%X/%X",
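Review bot: In pg_start_backup() the privilege check is placed after `backupidstr=text_to_cstring(backupid);`, so the argument is converted before an unprivileged caller is rejected. Moving the check to the top of the function body, ahead of any argument handling, makes the reject-first ordering obvious and matches pg_stop_backup(), where the check follows the declarations directly.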
@@ -82,6 +87,11 @@ pg_stop_backup(PG_FUNCTION_ARGS)
8287
XLogRecPtrstoppoint;
8388
charstopxlogstr[MAXFNAMELEN];
8489

90+
if (!superuser()&& !has_rolreplication(GetUserId()))
91+
ereport(ERROR,
92+
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
93+
(errmsg("must be superuser or replication role to run a backup"))));
94+
8595
stoppoint=do_pg_stop_backup(NULL, true,NULL);
8696

8797
snprintf(stopxlogstr,sizeof(stopxlogstr),"%X/%X",
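Review bot: The check added to pg_stop_backup() is a second verbatim copy of the one in pg_start_backup(), and this copy wraps the message in an extra pair of parentheses, `(errmsg("must be superuser or replication role to run a backup"))`, where the other copy does not. Drop the redundant parentheses for consistency, and consider a small shared helper for the check so the two entry points cannot drift apart.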
