Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commitd61de58

Browse files
committed
Arrange for the default permissions on a database to allow temp table
creation to world, but disallow temp table creation in template1. Perlatest round of pghackers discussion.I did not force initdb, but the permissions lockdown on template1 willnot take effect unless you do one (or manually REVOKE TEMP ON DATABASE template1 FROM public).
1 parentc7d07b5 commitd61de58

File tree

4 files changed

+27
-12
lines changed

4 files changed

+27
-12
lines changed

‎doc/src/sgml/ref/grant.sgml‎

Lines changed: 8 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
<!--
2-
$Header: /cvsroot/pgsql/doc/src/sgml/ref/grant.sgml,v 1.28 2002/08/12 20:02:09 petere Exp $
2+
$Header: /cvsroot/pgsql/doc/src/sgml/ref/grant.sgml,v 1.29 2002/09/03 22:17:34 tgl Exp $
33
PostgreSQL documentation
44
-->
55

@@ -292,11 +292,13 @@ GRANT SELECT,UPDATE,INSERT ON mytable TO GROUP todos;
292292
<para>
293293
If the <quote>Access privileges</> column is empty for a given object,
294294
it means the object has default privileges (that is, its privileges field
295-
is NULL). Currently, default privileges are interpreted the same way
296-
for all object types: all privileges for the owner and no privileges for
297-
anyone else. The first <command>GRANT</> on an object will instantiate
298-
this default (producing, for example, <literal>{=,miriam=arwdRxt}</>)
299-
and then modify it per the specified request.
295+
is NULL). Currently, default privileges are interpreted as <quote>all
296+
privileges for the owner and no privileges for anyone else</quote>, except
297+
for databases: the default privilege settings for a database allow anyone
298+
to create temporary tables in it. The first <command>GRANT</> or
299+
<command>REVOKE</> on an object
300+
will instantiate the default privileges (producing, for example,
301+
<literal>{=,miriam=arwdRxt}</>) and then modify them per the specified request.
300302
</para>
301303
</refsect1>
302304

‎src/backend/commands/dbcommands.c‎

Lines changed: 7 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,7 @@
99
*
1010
*
1111
* IDENTIFICATION
12-
* $Header: /cvsroot/pgsql/src/backend/commands/dbcommands.c,v 1.103 2002/09/0321:45:41 petere Exp $
12+
* $Header: /cvsroot/pgsql/src/backend/commands/dbcommands.c,v 1.104 2002/09/0322:17:34 tgl Exp $
1313
*
1414
*-------------------------------------------------------------------------
1515
*/
@@ -328,7 +328,12 @@ createdb(const CreatedbStmt *stmt)
328328
/* do not set datpath to null, GetRawDatabaseInfo won't cope */
329329
new_record[Anum_pg_database_datpath-1]=
330330
DirectFunctionCall1(textin,CStringGetDatum(dbpath ?dbpath :""));
331-
331+
/*
332+
* We deliberately set datconfig and datacl to defaults (NULL), rather
333+
* than copying them from the template database. Copying datacl would
334+
* be a bad idea when the owner is not the same as the template's owner.
335+
* It's more debatable whether datconfig should be copied.
336+
*/
332337
new_record_nulls[Anum_pg_database_datconfig-1]='n';
333338
new_record_nulls[Anum_pg_database_datacl-1]='n';
334339

‎src/backend/utils/adt/acl.c‎

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
*
99
*
1010
* IDENTIFICATION
11-
* $Header: /cvsroot/pgsql/src/backend/utils/adt/acl.c,v 1.77 2002/08/27 03:56:35momjian Exp $
11+
* $Header: /cvsroot/pgsql/src/backend/utils/adt/acl.c,v 1.78 2002/09/03 22:17:35tgl Exp $
1212
*
1313
*-------------------------------------------------------------------------
1414
*/
@@ -396,7 +396,7 @@ aclitemgt(const AclItem *a1, const AclItem *a2)
396396
* acldefault() --- create an ACL describing default access permissions
397397
*
398398
* Change this routine if you want to alter the default access policy for
399-
* newly-createdtables (or anytable with a NULL acl entry in pg_class)
399+
* newly-createdobjects (or anyobject with a NULL acl entry).
400400
*/
401401
Acl*
402402
acldefault(GrantObjectTypeobjtype,AclIdownerid)
@@ -413,7 +413,7 @@ acldefault(GrantObjectType objtype, AclId ownerid)
413413
owner_default=ACL_ALL_RIGHTS_RELATION;
414414
break;
415415
caseACL_OBJECT_DATABASE:
416-
world_default=ACL_NO_RIGHTS;
416+
world_default=ACL_CREATE_TEMP;/* not NO_RIGHTS! */
417417
owner_default=ACL_ALL_RIGHTS_DATABASE;
418418
break;
419419
caseACL_OBJECT_FUNCTION:

‎src/bin/initdb/initdb.sh‎

Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -27,7 +27,7 @@
2727
# Portions Copyright (c) 1996-2002, PostgreSQL Global Development Group
2828
# Portions Copyright (c) 1994, Regents of the University of California
2929
#
30-
# $Header: /cvsroot/pgsql/src/bin/initdb/Attic/initdb.sh,v 1.171 2002/09/0321:45:43 petere Exp $
30+
# $Header: /cvsroot/pgsql/src/bin/initdb/Attic/initdb.sh,v 1.172 2002/09/0322:17:35 tgl Exp $
3131
#
3232
#-------------------------------------------------------------------------
3333

@@ -1064,6 +1064,14 @@ UPDATE pg_database SET \
10641064
UPDATE pg_database SET datlastsysoid =\
10651065
(SELECT oid - 1 FROM pg_database WHERE datname = 'template0');
10661066
1067+
-- Explicitly revoke public create-schema and create-temp-table privileges
1068+
-- in template1 and template0; else the latter would be on by default
1069+
1070+
REVOKE CREATE,TEMPORARY ON DATABASE template1 FROM public;
1071+
REVOKE CREATE,TEMPORARY ON DATABASE template0 FROM public;
1072+
1073+
-- Finally vacuum to clean up dead rows in pg_database
1074+
10671075
VACUUM FULL pg_database;
10681076
EOF
10691077
if ["$?"-ne 0 ];then

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp