Commit d707495

Fix thinko in recent patch to change temp-table permissions behavior:
this is an aclmask function and does not have the same return convention as aclcheck functions. Also adjust the behavior so that users without CREATE TEMP permission still have USAGE permission on their session's temp schema. This allows privileged code to create a temp table and make it accessible to code that's not got the same privilege. (Since the default permissions on a table are no-access, an explicit grant on the table will still be needed; but I see no reason that the temp schema itself should prohibit such access.)
1 parent a6ea645 commit d707495

2 files changed

+28
-17
lines changed

‎src/backend/catalog/aclchk.c

Lines changed: 23 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
*
99
*
1010
* IDENTIFICATION
11-
* $PostgreSQL: pgsql/src/backend/catalog/aclchk.c,v 1.100 2004/05/26 18:35:32 momjian Exp $
11+
* $PostgreSQL: pgsql/src/backend/catalog/aclchk.c,v 1.101 2004/05/28 16:17:14 tgl Exp $
1212
*
1313
* NOTES
1414
* See acl.h.
@@ -1347,20 +1347,30 @@ pg_namespace_aclmask(Oid nsp_oid, AclId userid,
13471347
returnmask;
13481348

13491349
/*
1350-
* If we have been assigned this namespace as a temp
1351-
* namespace, check to make sure we have CREATE permissions on
1352-
* the database.
1350+
* If we have been assigned this namespace as a temp namespace,
1351+
* check to make sure we have CREATE TEMP permission on the database,
1352+
* and if so act as though we have all standard (but not GRANT OPTION)
1353+
* permissions on the namespace. If we don't have CREATE TEMP, act as
1354+
* though we have only USAGE (and not CREATE) rights.
13531355
*
1354-
* Instead of returning ACLCHECK_NO_PRIV, should we return via
1355-
* ereport() with a message about trying to create an object
1356-
* in a TEMP namespace when GetUserId() doesn't have perms?
1356+
* This may seem redundant given the check in InitTempTableNamespace,
1357+
* but it really isn't since current user ID may have changed since then.
1358+
* The upshot of this behavior is that a SECURITY INVOKER function can
1359+
* create temp tables that can then be accessed (if permission is granted)
1360+
* by code that doesn't have permissions to create temp tables.
1361+
*
1362+
* XXX Would it be safe to ereport a special error message as
1363+
* InitTempTableNamespace does? Returning zero here means we'll get a
1364+
* generic "permission denied for schema pg_temp_N" message, which is not
1365+
* remarkably user-friendly.
13571366
*/
1358-
if (isTempNamespace(nsp_oid)) {
1359-
if (pg_database_aclcheck(MyDatabaseId,GetUserId(),
1360-
ACL_CREATE_TEMP)==ACLCHECK_OK)
1361-
returnACLCHECK_OK;
1362-
else
1363-
returnACLCHECK_NO_PRIV;
1367+
if (isTempNamespace(nsp_oid))
1368+
{
1369+
if (pg_database_aclcheck(MyDatabaseId,GetUserId(),
1370+
ACL_CREATE_TEMP)==ACLCHECK_OK)
1371+
returnmask&ACL_ALL_RIGHTS_NAMESPACE;
1372+
else
1373+
returnmask&ACL_USAGE;
13641374
}
13651375

13661376
/*
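Review bot: the temp-namespace branch at new lines 1367-1373 tests CREATE TEMP for GetUserId() rather than for the userid argument that pg_namespace_aclmask receives, so the returned mask reflects the current user even when the caller asked about a different one. Consider passing userid to pg_database_aclcheck here, or saying in the comment why the current user is the intended subject. Separately, the comment at 1358-1360 names a SECURITY INVOKER function as the creator of the temp tables, while the commit message describes privileged code handing a table to less-privileged code; a function that runs with privileges its caller lacks is SECURITY DEFINER, so the comment wording looks inverted.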

‎src/backend/catalog/namespace.c

Lines changed: 5 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -13,7 +13,7 @@
1313
* Portions Copyright (c) 1994, Regents of the University of California
1414
*
1515
* IDENTIFICATION
16-
* $PostgreSQL: pgsql/src/backend/catalog/namespace.c,v 1.65 2004/05/26 18:35:32 momjian Exp $
16+
* $PostgreSQL: pgsql/src/backend/catalog/namespace.c,v 1.66 2004/05/28 16:17:14 tgl Exp $
1717
*
1818
*-------------------------------------------------------------------------
1919
*/
@@ -1640,9 +1640,10 @@ InitTempTableNamespace(void)
16401640
* tables.We use a nonstandard error message here since
16411641
* "databasename: permission denied" might be a tad cryptic.
16421642
*
1643-
* ACL_CREATE_TEMP perms are also checked in
1644-
* pg_namespace_aclcheck() that way only users who have TEMP
1645-
* perms can create objects.
1643+
* Note that ACL_CREATE_TEMP rights are rechecked in pg_namespace_aclmask;
1644+
* that's necessary since current user ID could change during the session.
1645+
* But there's no need to make the namespace in the first place until a
1646+
* temp table creation request is made by someone with appropriate rights.
16461647
*/
16471648
if (pg_database_aclcheck(MyDatabaseId,GetUserId(),
16481649
ACL_CREATE_TEMP)!=ACLCHECK_OK)
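Review bot: the new comment at 1643-1646 says ACL_CREATE_TEMP is "rechecked in pg_namespace_aclmask" but does not mention that the two checks now fail differently: this one refuses to create the namespace at all, while the recheck in aclchk.c only narrows the result to `mask & ACL_USAGE`. A reader of this file alone could assume the recheck denies all access to the temp schema; adding a clause that a user without CREATE TEMP keeps USAGE on an already-created temp namespace would make the intended privilege boundary explicit.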
