NotificationsYou must be signed in to change notification settings
Fork6
Star31

Commitd8ba3df

committed

Change backend-side COPY to write files with permissions 644 not 666

(whoever thought world-writable files were a good default????). Modifythe pg_pwd code so that pg_pwd is created with 600 permissions. Modifyinitdb so that permissions on a pre-existing PGDATA directory are notblindly accepted: if the dir is already there, it does chmod go-rwxto be sure that the permissions are OK and the dir actually is ownedby postgres.

1 parent76ccf73 commitd8ba3dfCopy full SHA for d8ba3df

File tree

5 files changed

+49

-23

lines changed

src
- backend
  - commands
    - copy.c
    - user.c
  - tcop
    - utility.c
- bin/initdb
  - initdb.sh
- include/commands
  - copy.h

5 files changed

+49

-23

lines changed

`‎src/backend/commands/copy.c`

Lines changed: 9 additions & 4 deletions

Original file line number	Diff line number	Diff line change
`@@ -6,7 +6,7 @@`
`6`	`6`	`*`
`7`	`7`	`*`
`8`	`8`	`* IDENTIFICATION`
`9`		`- * $Header: /cvsroot/pgsql/src/backend/commands/copy.c,v 1.89 1999/09/27 20:00:44 momjian Exp $`
	`9`	`+ * $Header: /cvsroot/pgsql/src/backend/commands/copy.c,v 1.90 1999/11/21 04:16:17 tgl Exp $`
`10`	`10`	`*`
`11`	`11`	`*-------------------------------------------------------------------------`
`12`	`12`	`*/`
`@@ -214,12 +214,12 @@ CopyDonePeek(FILE *fp, int c, int pickup)`
`214`	`214`
`215`	`215`
`216`	`216`	`/*`
`217`		`- * DoCopy executesathe SQL COPY statement.`
	`217`	`+ * DoCopy executes the SQL COPY statement.`
`218`	`218`	`*/`
`219`	`219`
`220`	`220`	`void`
`221`	`221`	`DoCopy(char*relname,boolbinary,booloids,boolfrom,boolpipe,`
`222`		`-charfilename,chardelim)`
	`222`	`+charfilename,chardelim,intfileumask)`
`223`	`223`	`{`
`224`	`224`	`/*----------------------------------------------------------------------------`
`225`	`225`	`Either unload or reload contents of class <relname>, depending on <from>.`
`@@ -234,6 +234,11 @@ DoCopy(char *relname, bool binary, bool oids, bool from, bool pipe,`
`234`	`234`
`235`	`235`	`If in the text format, delimit columns with delimiter <delim>.`
`236`	`236`
	`237`	`+ <fileumask> is the umask(2) setting to use while creating an output file.`
	`238`	`+ This should usually be more liberal than the backend's normal 077 umask,`
	`239`	`+ but not always (in particular, "pg_pwd" should be written with 077!).`
	`240`	`+ Up through version 6.5, <fileumask> was always 000, which was foolhardy.`
	`241`	`+`
`237`	`242`	`When loading in the text format from an input stream (as opposed to`
`238`	`243`	`a file), recognize a "." on a line by itself as EOF.Also recognize`
`239`	`244`	`a stream EOF. When unloading in the text format to an output stream,`
`@@ -316,7 +321,7 @@ DoCopy(char *relname, bool binary, bool oids, bool from, bool pipe,`
`316`	`321`	`{`
`317`	`322`	`mode_toumask;/* Pre-existing umask value */`
`318`	`323`
`319`		`-oumask=umask((mode_t)0);`
	`324`	`+oumask=umask((mode_t)fileumask);`
`320`	`325`	`#ifndef__CYGWIN32__`
`321`	`326`	`fp=AllocateFile(filename,"w");`
`322`	`327`	`#else`

`‎src/backend/commands/user.c`

Lines changed: 22 additions & 13 deletions

Original file line number	Diff line number	Diff line change
`@@ -5,7 +5,7 @@`
`5`	`5`	`*`
`6`	`6`	`* Copyright (c) 1994, Regents of the University of California`
`7`	`7`	`*`
`8`		`- * $Id: user.c,v 1.35 1999/09/2716:44:50 momjian Exp $`
	`8`	`+ * $Id: user.c,v 1.36 1999/11/21 04:16:16 tgl Exp $`
`9`	`9`	`*`
`10`	`10`	`*-------------------------------------------------------------------------`
`11`	`11`	`*/`
`@@ -20,6 +20,7 @@`
`20`	`20`	`#include"catalog/catname.h"`
`21`	`21`	`#include"catalog/pg_database.h"`
`22`	`22`	`#include"catalog/pg_shadow.h"`
	`23`	`+#include"commands/copy.h"`
`23`	`24`	`#include"commands/user.h"`
`24`	`25`	`#include"libpq/crypt.h"`
`25`	`26`	`#include"miscadmin.h"`
`@@ -43,7 +44,7 @@ static void CheckPgUserAclNotNull(void);`
`43`	`44`	`*---------------------------------------------------------------------`
`44`	`45`	`*/`
`45`	`46`	`staticvoid`
`46`		`-UpdatePgPwdFile(char*sql,CommandDestdest)`
	`47`	`+UpdatePgPwdFile(void)`
`47`	`48`	`{`
`48`	`49`	`char*filename,`
`49`	`50`	`*tempname;`
`@@ -60,16 +61,22 @@ UpdatePgPwdFile(char *sql, CommandDest dest)`
`60`	`61`	`snprintf(tempname,bufsize,"%s.%d",filename,MyProcPid);`
`61`	`62`
`62`	`63`	`/*`
`63`		`- * Copy the contents of pg_shadow to the pg_pwd ASCII file using a the`
`64`		`- * SEPCHAR character as the delimiter between fields. Then rename the`
`65`		`- * file to its final name.`
	`64`	`+ * Copy the contents of pg_shadow to the pg_pwd ASCII file using the`
	`65`	`+ * SEPCHAR character as the delimiter between fields. Make sure the`
	`66`	`+ * file is created with mode 600 (umask 077).`
	`67`	`+ */`
	`68`	`+DoCopy(ShadowRelationName,/* relname */`
	`69`	`+ false,/* binary */`
	`70`	`+ false,/* oids */`
	`71`	`+ false,/* from */`
	`72`	`+ false,/* pipe */`
	`73`	`+tempname,/* filename */`
	`74`	`+CRYPT_PWD_FILE_SEPCHAR,/* delim */`
	`75`	`+0077);/* fileumask */`
	`76`	`+/*`
	`77`	`+ * And rename the temp file to its final name, deleting the old pg_pwd.`
`66`	`78`	`*/`
`67`		`-snprintf(sql,SQL_LENGTH,`
`68`		`-"copy %s to '%s' using delimiters %s",`
`69`		`-ShadowRelationName,tempname,CRYPT_PWD_FILE_SEPCHAR);`
`70`		`-pg_exec_query_dest(sql,dest, false);`
`71`	`79`	`rename(tempname,filename);`
`72`		`-pfree((void*)tempname);`
`73`	`80`
`74`	`81`	`/*`
`75`	`82`	`* Create a flag file the postmaster will detect the next time it`
`@@ -78,6 +85,8 @@ UpdatePgPwdFile(char *sql, CommandDest dest)`
`78`	`85`	`*/`
`79`	`86`	`filename=crypt_getpwdreloadfilename();`
`80`	`87`	`creat(filename,S_IRUSR \|S_IWUSR);`
	`88`	`+`
	`89`	`+pfree((void*)tempname);`
`81`	`90`	`}`
`82`	`91`
`83`	`92`	`/*---------------------------------------------------------------------`
`@@ -203,7 +212,7 @@ DefineUser(CreateUserStmt *stmt, CommandDest dest)`
`203`	`212`	`* we can be sure no other backend will try to write the flat`
`204`	`213`	`* file at the same time.`
`205`	`214`	`*/`
`206`		`-UpdatePgPwdFile(sql,dest);`
	`215`	`+UpdatePgPwdFile();`
`207`	`216`
`208`	`217`	`/*`
`209`	`218`	`* Now we can clean up.`
`@@ -313,7 +322,7 @@ AlterUser(AlterUserStmt *stmt, CommandDest dest)`
`313`	`322`	`* we can be sure no other backend will try to write the flat`
`314`	`323`	`* file at the same time.`
`315`	`324`	`*/`
`316`		`-UpdatePgPwdFile(sql,dest);`
	`325`	`+UpdatePgPwdFile();`
`317`	`326`
`318`	`327`	`/*`
`319`	`328`	`* Now we can clean up.`
`@@ -446,7 +455,7 @@ RemoveUser(char *user, CommandDest dest)`
`446`	`455`	`* we can be sure no other backend will try to write the flat`
`447`	`456`	`* file at the same time.`
`448`	`457`	`*/`
`449`		`-UpdatePgPwdFile(sql,dest);`
	`458`	`+UpdatePgPwdFile();`
`450`	`459`
`451`	`460`	`/*`
`452`	`461`	`* Now we can clean up.`

`‎src/backend/tcop/utility.c`

Lines changed: 6 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -9,7 +9,7 @@`
`9`	`9`	`*`
`10`	`10`	`*`
`11`	`11`	`* IDENTIFICATION`
`12`		`- * $Header: /cvsroot/pgsql/src/backend/tcop/utility.c,v 1.71 1999/10/26 03:12:36 momjian Exp $`
	`12`	`+ * $Header: /cvsroot/pgsql/src/backend/tcop/utility.c,v 1.72 1999/11/21 04:16:16 tgl Exp $`
`13`	`13`	`*`
`14`	`14`	`*-------------------------------------------------------------------------`
`15`	`15`	`*/`
`@@ -268,7 +268,11 @@ ProcessUtility(Node *parsetree,`
`268`	`268`	`* than to/from a file.`
`269`	`269`	`*/`
`270`	`270`	`stmt->filename,`
`271`		`-stmt->delimiter);`
	`271`	`+stmt->delimiter,`
	`272`	`+/*`
	`273`	`+ * specify 022 umask while writing files with COPY.`
	`274`	`+ */`
	`275`	`+0022);`
`272`	`276`	`}`
`273`	`277`	`break;`
`274`	`278`

`‎src/bin/initdb/initdb.sh`

Lines changed: 9 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -26,7 +26,7 @@`
`26`	`26`	`#`
`27`	`27`	`#`
`28`	`28`	`# IDENTIFICATION`
`29`		`-# $Header: /cvsroot/pgsql/src/bin/initdb/Attic/initdb.sh,v 1.61 1999/10/06 21:58:12 vadim Exp $`
	`29`	`+# $Header: /cvsroot/pgsql/src/bin/initdb/Attic/initdb.sh,v 1.62 1999/11/21 04:16:15 tgl Exp $`
`30`	`30`	`#`
`31`	`31`	`#-------------------------------------------------------------------------`
`32`	`32`
`@@ -293,6 +293,11 @@ else`
`293`	`293`	`echo`
`294`	`294`	`mkdir$PGDATA`
`295`	`295`	`if [$?-ne 0 ];thenexit 5;fi`
	`296`	`+else`
	`297`	`+echo"Fixing permissions on pre-existing$PGDATA"`
	`298`	`+echo`
	`299`	`+chmod go-rwx$PGDATA`
	`300`	`+if [$?-ne 0 ];thenexit 5;fi`
`296`	`301`	`fi`
`297`	`302`	`if [!-d$PGDATA/base ];then`
`298`	`303`	`echo"Creating Postgres database system directory$PGDATA/base"`
`@@ -411,8 +416,11 @@ PGSQL_OPT="-o /dev/null -O -F -Q -D$PGDATA"`
`411`	`416`	`echo"Vacuuming template1"`
`412`	`417`	`echo"vacuum"\| postgres$PGSQL_OPT template1> /dev/null`
`413`	`418`
	`419`	`+# Create the initial pg_pwd (flat-file copy of pg_shadow)`
`414`	`420`	`echo"COPY pg_shadow TO '$PGDATA/pg_pwd' USING DELIMITERS '\\t'"\| \`
`415`	`421`	`postgres$PGSQL_OPT template1> /dev/null`
	`422`	`+# An ordinary COPY will leave the file too loosely protected.`
	`423`	`+chmod go-rw$PGDATA/pg_pwd`
`416`	`424`
`417`	`425`	`echo"Creating public pg_user view"`
`418`	`426`	`echo"CREATE TABLE pg_user (\`

`‎src/include/commands/copy.h`

Lines changed: 3 additions & 3 deletions

Original file line number	Diff line number	Diff line change
`@@ -6,15 +6,15 @@`
`6`	`6`	`*`
`7`	`7`	`* Copyright (c) 1994, Regents of the University of California`
`8`	`8`	`*`
`9`		`- * $Id: copy.h,v 1.5 1999/02/13 23:21:18 momjian Exp $`
	`9`	`+ * $Id: copy.h,v 1.6 1999/11/21 04:16:17 tgl Exp $`
`10`	`10`	`*`
`11`	`11`	`*-------------------------------------------------------------------------`
`12`	`12`	`*/`
`13`	`13`	`#ifndefCOPY_H`
`14`	`14`	`#defineCOPY_H`
`15`	`15`
`16`	`16`
`17`		`-voidDoCopy(charrelname,boolbinary,booloids,boolfrom,boolpipe,charfilename,`
`18`		`-char*delim);`
	`17`	`+voidDoCopy(char*relname,boolbinary,booloids,boolfrom,boolpipe,`
	`18`	`+charfilename,chardelim,intfileumask);`
`19`	`19`
`20`	`20`	`#endif/* COPY_H */`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commitd8ba3df

File tree

5 files changed

5 files changed

`‎src/backend/commands/copy.c`

`‎src/backend/commands/user.c`

`‎src/backend/tcop/utility.c`

`‎src/bin/initdb/initdb.sh`

`‎src/include/commands/copy.h`

0 commit comments