Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commita25c207

Browse files
committed
Teach SHOW ALL to honor pg_read_all_settings membership
Also, fix the pg_settings view to display source filename and linenumber when invoked by a pg_read_all_settings member. This addition byme (Álvaro).Also, fix wording of the comment in GetConfigOption regarding therestriction it implements, renaming the parameter for extra clarity.Noted by Michaël.These were all oversight in commit25fff40; backpatch to pg10,where that commit first appeared.Author: Laurenz AlbeReviewed-by: Michaël Paquier, Álvaro HerreraDiscussion:https://postgr.es/m/1519917758.6586.8.camel@cybertec.at
1 parent6695e95 commita25c207

File tree

2 files changed

+11
-10
lines changed

2 files changed

+11
-10
lines changed

‎src/backend/utils/misc/guc.c‎

Lines changed: 10 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -6696,15 +6696,15 @@ SetConfigOption(const char *name, const char *value,
66966696
* this cannot be distinguished from a string variable with a NULL value!),
66976697
* otherwise throw an ereport and don't return.
66986698
*
6699-
* Ifrestrict_superuser is true, we also enforce that only superuserscan
6700-
*see GUC_SUPERUSER_ONLY variables. This should only be passed as true
6701-
* in user-driven calls.
6699+
* Ifrestrict_privileged is true, we also enforce that only superusersand
6700+
*members of the pg_read_all_settings role can see GUC_SUPERUSER_ONLY
6701+
*variables. This should only be passed as truein user-driven calls.
67026702
*
67036703
* The string is *not* allocated for modification and is really only
67046704
* valid until the next call to configuration related functions.
67056705
*/
67066706
constchar*
6707-
GetConfigOption(constchar*name,boolmissing_ok,boolrestrict_superuser)
6707+
GetConfigOption(constchar*name,boolmissing_ok,boolrestrict_privileged)
67086708
{
67096709
structconfig_generic*record;
67106710
staticcharbuffer[256];
@@ -6719,7 +6719,7 @@ GetConfigOption(const char *name, bool missing_ok, bool restrict_superuser)
67196719
errmsg("unrecognized configuration parameter \"%s\"",
67206720
name)));
67216721
}
6722-
if (restrict_superuser&&
6722+
if (restrict_privileged&&
67236723
(record->flags&GUC_SUPERUSER_ONLY)&&
67246724
!is_member_of_role(GetUserId(),DEFAULT_ROLE_READ_ALL_SETTINGS))
67256725
ereport(ERROR,
@@ -8000,7 +8000,6 @@ ShowGUCConfigOption(const char *name, DestReceiver *dest)
80008000
staticvoid
80018001
ShowAllGUCConfig(DestReceiver*dest)
80028002
{
8003-
boolam_superuser=superuser();
80048003
inti;
80058004
TupOutputState*tstate;
80068005
TupleDesctupdesc;
@@ -8025,7 +8024,8 @@ ShowAllGUCConfig(DestReceiver *dest)
80258024
char*setting;
80268025

80278026
if ((conf->flags&GUC_NO_SHOW_ALL)||
8028-
((conf->flags&GUC_SUPERUSER_ONLY)&& !am_superuser))
8027+
((conf->flags&GUC_SUPERUSER_ONLY)&&
8028+
!is_member_of_role(GetUserId(),DEFAULT_ROLE_READ_ALL_SETTINGS)))
80298029
continue;
80308030

80318031
/* assign to the values array */
@@ -8348,9 +8348,10 @@ GetConfigOptionByNum(int varnum, const char **values, bool *noshow)
83488348
/*
83498349
* If the setting came from a config file, set the source location. For
83508350
* security reasons, we don't show source file/line number for
8351-
*non-superusers.
8351+
*insufficiently-privileged users.
83528352
*/
8353-
if (conf->source==PGC_S_FILE&&superuser())
8353+
if (conf->source==PGC_S_FILE&&
8354+
is_member_of_role(GetUserId(),DEFAULT_ROLE_READ_ALL_SETTINGS))
83548355
{
83558356
values[14]=conf->sourcefile;
83568357
snprintf(buffer,sizeof(buffer),"%d",conf->sourceline);

‎src/include/utils/guc.h‎

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -346,7 +346,7 @@ extern void DefineCustomEnumVariable(
346346
externvoidEmitWarningsOnPlaceholders(constchar*className);
347347

348348
externconstchar*GetConfigOption(constchar*name,boolmissing_ok,
349-
boolrestrict_superuser);
349+
boolrestrict_privileged);
350350
externconstchar*GetConfigOptionResetString(constchar*name);
351351
externintGetConfigOptionFlags(constchar*name,boolmissing_ok);
352352
externvoidProcessConfigFile(GucContextcontext);

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp