Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit9544cc0

Browse files
committed
Move permissions check from do_pg_start_backup to pg_start_backup
And the same for do_pg_stop_backup. The code in do_pg_* is not allowedto access the catalogs. For manual base backups, the permissionscheck can be handled in the calling function, and for streamingbase backups only users with the required permissions can get pastthe authentication step in the first place.Reported by Antonin Houska, diagnosed by Andres Freund
1 parentb168c5e commit9544cc0

File tree

2 files changed

+16
-10
lines changed

2 files changed

+16
-10
lines changed

‎src/backend/access/transam/xlog.c

Lines changed: 6 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -9727,6 +9727,9 @@ XLogFileNameP(TimeLineID tli, XLogSegNo segno)
97279727
*
97289728
* Every successfully started non-exclusive backup must be stopped by calling
97299729
* do_pg_stop_backup() or do_pg_abort_backup().
9730+
*
9731+
* It is the responsibility of the caller of this function to verify the
9732+
* permissions of the calling user!
97309733
*/
97319734
XLogRecPtr
97329735
do_pg_start_backup(constchar*backupidstr,boolfast,TimeLineID*starttli_p,
@@ -9747,11 +9750,6 @@ do_pg_start_backup(const char *backupidstr, bool fast, TimeLineID *starttli_p,
97479750

97489751
backup_started_in_recovery=RecoveryInProgress();
97499752

9750-
if (!superuser()&& !has_rolreplication(GetUserId()))
9751-
ereport(ERROR,
9752-
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
9753-
errmsg("must be superuser or replication role to run a backup")));
9754-
97559753
/*
97569754
* Currently only non-exclusive backup can be taken during recovery.
97579755
*/
@@ -10053,6 +10051,9 @@ pg_start_backup_callback(int code, Datum arg)
1005310051
*
1005410052
* Returns the last WAL position that must be present to restore from this
1005510053
* backup, and the corresponding timeline ID in *stoptli_p.
10054+
*
10055+
* It is the responsibility of the caller of this function to verify the
10056+
* permissions of the calling user!
1005610057
*/
1005710058
XLogRecPtr
1005810059
do_pg_stop_backup(char*labelfile,boolwaitforarchive,TimeLineID*stoptli_p)
@@ -10085,11 +10086,6 @@ do_pg_stop_backup(char *labelfile, bool waitforarchive, TimeLineID *stoptli_p)
1008510086

1008610087
backup_started_in_recovery=RecoveryInProgress();
1008710088

10088-
if (!superuser()&& !has_rolreplication(GetUserId()))
10089-
ereport(ERROR,
10090-
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
10091-
(errmsg("must be superuser or replication role to run a backup"))));
10092-
1009310089
/*
1009410090
* Currently only non-exclusive backup can be taken during recovery.
1009510091
*/

‎src/backend/access/transam/xlogfuncs.c

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -56,6 +56,11 @@ pg_start_backup(PG_FUNCTION_ARGS)
5656

5757
backupidstr=text_to_cstring(backupid);
5858

59+
if (!superuser()&& !has_rolreplication(GetUserId()))
60+
ereport(ERROR,
61+
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
62+
errmsg("must be superuser or replication role to run a backup")));
63+
5964
startpoint=do_pg_start_backup(backupidstr,fast,NULL,NULL);
6065

6166
snprintf(startxlogstr,sizeof(startxlogstr),"%X/%X",
@@ -82,6 +87,11 @@ pg_stop_backup(PG_FUNCTION_ARGS)
8287
XLogRecPtrstoppoint;
8388
charstopxlogstr[MAXFNAMELEN];
8489

90+
if (!superuser()&& !has_rolreplication(GetUserId()))
91+
ereport(ERROR,
92+
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
93+
(errmsg("must be superuser or replication role to run a backup"))));
94+
8595
stoppoint=do_pg_stop_backup(NULL, true,NULL);
8696

8797
snprintf(stopxlogstr,sizeof(stopxlogstr),"%X/%X",

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp