Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit9e83d73

Browse files
committed
Add a GUC_SUPERUSER_ONLY flag to mark GUC variables that should not be
examinable by non-superusers, and use it to protect the recently-addedGUC variables for data directory and config files. For now I have onlyflagged those variables that could be used to deduce something aboutthe server's filesystem layout, but possibly we should also mark varsrelated to logging settings and other admin-only information?
1 parent9309d5f commit9e83d73

File tree

3 files changed

+53
-25
lines changed

3 files changed

+53
-25
lines changed

‎src/backend/utils/misc/guc.c

Lines changed: 49 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@
1010
* Written by Peter Eisentraut <peter_e@gmx.net>.
1111
*
1212
* IDENTIFICATION
13-
* $PostgreSQL: pgsql/src/backend/utils/misc/guc.c,v 1.245 2004/10/17 22:01:51 tgl Exp $
13+
* $PostgreSQL: pgsql/src/backend/utils/misc/guc.c,v 1.246 2004/10/22 19:48:19 tgl Exp $
1414
*
1515
*--------------------------------------------------------------------
1616
*/
@@ -1522,7 +1522,8 @@ static struct config_string ConfigureNamesString[] =
15221522
gettext_noop("If a dynamically loadable module needs to be opened and "
15231523
"the specified name does not have a directory component (i.e., the "
15241524
"name does not contain a slash), the system will search this path for "
1525-
"the specified file.")
1525+
"the specified file."),
1526+
GUC_SUPERUSER_ONLY
15261527
},
15271528
&Dynamic_library_path,
15281529
"$libdir",NULL,NULL
@@ -1531,7 +1532,8 @@ static struct config_string ConfigureNamesString[] =
15311532
{
15321533
{"krb_server_keyfile",PGC_POSTMASTER,CONN_AUTH_SECURITY,
15331534
gettext_noop("Sets the location of the Kerberos server key file."),
1534-
NULL
1535+
NULL,
1536+
GUC_SUPERUSER_ONLY
15351537
},
15361538
&pg_krb_server_keyfile,
15371539
PG_KRB_SRVTAB,NULL,NULL
@@ -1608,7 +1610,7 @@ static struct config_string ConfigureNamesString[] =
16081610
{"preload_libraries",PGC_POSTMASTER,RESOURCES_KERNEL,
16091611
gettext_noop("Lists shared libraries to preload into server."),
16101612
NULL,
1611-
GUC_LIST_INPUT |GUC_LIST_QUOTE
1613+
GUC_LIST_INPUT |GUC_LIST_QUOTE |GUC_SUPERUSER_ONLY
16121614
},
16131615
&preload_libraries_string,
16141616
"",NULL,NULL
@@ -1680,15 +1682,17 @@ static struct config_string ConfigureNamesString[] =
16801682
{"log_directory",PGC_SIGHUP,LOGGING_WHERE,
16811683
gettext_noop("Sets the destination directory for log files."),
16821684
gettext_noop("May be specified as relative to the data directory "
1683-
"or as absolute path.")
1685+
"or as absolute path."),
1686+
GUC_SUPERUSER_ONLY
16841687
},
16851688
&Log_directory,
16861689
"pg_log",assign_canonical_path,NULL
16871690
},
16881691
{
16891692
{"log_filename",PGC_SIGHUP,LOGGING_WHERE,
16901693
gettext_noop("Sets the file name pattern for log files."),
1691-
NULL
1694+
NULL,
1695+
GUC_SUPERUSER_ONLY
16921696
},
16931697
&Log_filename,
16941698
"postgresql-%Y-%m-%d_%H%M%S.log",NULL,NULL
@@ -1747,7 +1751,8 @@ static struct config_string ConfigureNamesString[] =
17471751
{
17481752
{"unix_socket_directory",PGC_POSTMASTER,CONN_AUTH_SETTINGS,
17491753
gettext_noop("Sets the directory where the Unix-domain socket will be created."),
1750-
NULL
1754+
NULL,
1755+
GUC_SUPERUSER_ONLY
17511756
},
17521757
&UnixSocketDir,
17531758
"",assign_canonical_path,NULL
@@ -1774,7 +1779,7 @@ static struct config_string ConfigureNamesString[] =
17741779

17751780
{
17761781
{"custom_variable_classes",PGC_POSTMASTER,RESOURCES_KERNEL,
1777-
gettext_noop("Sets the list of known custom variable classes"),
1782+
gettext_noop("Sets the list of known custom variable classes."),
17781783
NULL,
17791784
GUC_LIST_INPUT |GUC_LIST_QUOTE
17801785
},
@@ -1785,7 +1790,8 @@ static struct config_string ConfigureNamesString[] =
17851790
{
17861791
{"data_directory",PGC_POSTMASTER,FILE_LOCATIONS,
17871792
gettext_noop("Sets the server's data directory."),
1788-
NULL
1793+
NULL,
1794+
GUC_SUPERUSER_ONLY
17891795
},
17901796
&data_directory,
17911797
NULL,NULL,NULL
@@ -1795,7 +1801,7 @@ static struct config_string ConfigureNamesString[] =
17951801
{"config_file",PGC_POSTMASTER,FILE_LOCATIONS,
17961802
gettext_noop("Sets the server's main configuration file."),
17971803
NULL,
1798-
GUC_DISALLOW_IN_FILE
1804+
GUC_DISALLOW_IN_FILE |GUC_SUPERUSER_ONLY
17991805
},
18001806
&ConfigFileName,
18011807
NULL,NULL,NULL
@@ -1804,7 +1810,8 @@ static struct config_string ConfigureNamesString[] =
18041810
{
18051811
{"hba_file",PGC_POSTMASTER,FILE_LOCATIONS,
18061812
gettext_noop("Sets the server's \"hba\" configuration file"),
1807-
NULL
1813+
NULL,
1814+
GUC_SUPERUSER_ONLY
18081815
},
18091816
&HbaFileName,
18101817
NULL,NULL,NULL
@@ -1813,7 +1820,8 @@ static struct config_string ConfigureNamesString[] =
18131820
{
18141821
{"ident_file",PGC_POSTMASTER,FILE_LOCATIONS,
18151822
gettext_noop("Sets the server's \"ident\" configuration file"),
1816-
NULL
1823+
NULL,
1824+
GUC_SUPERUSER_ONLY
18171825
},
18181826
&IdentFileName,
18191827
NULL,NULL,NULL
@@ -1822,7 +1830,8 @@ static struct config_string ConfigureNamesString[] =
18221830
{
18231831
{"external_pid_file",PGC_POSTMASTER,FILE_LOCATIONS,
18241832
gettext_noop("Writes the postmaster PID to the specified file."),
1825-
NULL
1833+
NULL,
1834+
GUC_SUPERUSER_ONLY
18261835
},
18271836
&external_pid_file,
18281837
NULL,assign_canonical_path,NULL
@@ -1874,6 +1883,8 @@ static intguc_var_compare(const void *a, const void *b);
18741883
staticintguc_name_compare(constchar*namea,constchar*nameb);
18751884
staticvoidpush_old_value(structconfig_generic*gconf);
18761885
staticvoidReportGUCOption(structconfig_generic*record);
1886+
staticvoidShowGUCConfigOption(constchar*name,DestReceiver*dest);
1887+
staticvoidShowAllGUCConfig(DestReceiver*dest);
18771888
staticchar*_ShowOption(structconfig_generic*record);
18781889
staticboolcheck_userlimit_privilege(structconfig_generic*record,
18791890
GucSourcesource,intelevel);
@@ -3966,6 +3977,10 @@ GetConfigOption(const char *name)
39663977
ereport(ERROR,
39673978
(errcode(ERRCODE_UNDEFINED_OBJECT),
39683979
errmsg("unrecognized configuration parameter \"%s\"",name)));
3980+
if ((record->flags&GUC_SUPERUSER_ONLY)&& !superuser())
3981+
ereport(ERROR,
3982+
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
3983+
errmsg("must be superuser to examine \"%s\"",name)));
39693984

39703985
switch (record->vartype)
39713986
{
@@ -4002,6 +4017,10 @@ GetConfigOptionResetString(const char *name)
40024017
ereport(ERROR,
40034018
(errcode(ERRCODE_UNDEFINED_OBJECT),
40044019
errmsg("unrecognized configuration parameter \"%s\"",name)));
4020+
if ((record->flags&GUC_SUPERUSER_ONLY)&& !superuser())
4021+
ereport(ERROR,
4022+
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
4023+
errmsg("must be superuser to examine \"%s\"",name)));
40054024

40064025
switch (record->vartype)
40074026
{
@@ -4268,8 +4287,7 @@ define_custom_variable(struct config_generic * variable)
42684287
}
42694288

42704289
staticvoid
4271-
init_custom_variable(
4272-
structconfig_generic*gen,
4290+
init_custom_variable(structconfig_generic*gen,
42734291
constchar*name,
42744292
constchar*short_desc,
42754293
constchar*long_desc,
@@ -4462,7 +4480,7 @@ ResetPGVariable(const char *name)
44624480
/*
44634481
* SHOW command
44644482
*/
4465-
void
4483+
staticvoid
44664484
ShowGUCConfigOption(constchar*name,DestReceiver*dest)
44674485
{
44684486
TupOutputState*tstate;
@@ -4490,9 +4508,10 @@ ShowGUCConfigOption(const char *name, DestReceiver *dest)
44904508
/*
44914509
* SHOW ALL command
44924510
*/
4493-
void
4511+
staticvoid
44944512
ShowAllGUCConfig(DestReceiver*dest)
44954513
{
4514+
boolam_superuser=superuser();
44964515
inti;
44974516
TupOutputState*tstate;
44984517
TupleDesctupdesc;
@@ -4512,7 +4531,8 @@ ShowAllGUCConfig(DestReceiver *dest)
45124531
{
45134532
structconfig_generic*conf=guc_variables[i];
45144533

4515-
if (conf->flags&GUC_NO_SHOW_ALL)
4534+
if ((conf->flags&GUC_NO_SHOW_ALL)||
4535+
((conf->flags&GUC_SUPERUSER_ONLY)&& !am_superuser))
45164536
continue;
45174537

45184538
/* assign to the values array */
@@ -4544,6 +4564,10 @@ GetConfigOptionByName(const char *name, const char **varname)
45444564
ereport(ERROR,
45454565
(errcode(ERRCODE_UNDEFINED_OBJECT),
45464566
errmsg("unrecognized configuration parameter \"%s\"",name)));
4567+
if ((record->flags&GUC_SUPERUSER_ONLY)&& !superuser())
4568+
ereport(ERROR,
4569+
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
4570+
errmsg("must be superuser to examine \"%s\"",name)));
45474571

45484572
if (varname)
45494573
*varname=record->name;
@@ -4567,7 +4591,13 @@ GetConfigOptionByNum(int varnum, const char **values, bool *noshow)
45674591
conf=guc_variables[varnum];
45684592

45694593
if (noshow)
4570-
*noshow= (conf->flags&GUC_NO_SHOW_ALL) ? true : false;
4594+
{
4595+
if ((conf->flags&GUC_NO_SHOW_ALL)||
4596+
((conf->flags&GUC_SUPERUSER_ONLY)&& !superuser()))
4597+
*noshow= true;
4598+
else
4599+
*noshow= false;
4600+
}
45714601

45724602
/* first get the generic attributes */
45734603

‎src/include/utils/guc.h

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@
77
* Copyright (c) 2000-2004, PostgreSQL Global Development Group
88
* Written by Peter Eisentraut <peter_e@gmx.net>.
99
*
10-
* $PostgreSQL: pgsql/src/include/utils/guc.h,v 1.53 2004/10/09 23:13:22 tgl Exp $
10+
* $PostgreSQL: pgsql/src/include/utils/guc.h,v 1.54 2004/10/22 19:48:19 tgl Exp $
1111
*--------------------------------------------------------------------
1212
*/
1313
#ifndefGUC_H
@@ -194,8 +194,6 @@ extern void ParseLongOption(const char *string, char **name, char **value);
194194
externboolset_config_option(constchar*name,constchar*value,
195195
GucContextcontext,GucSourcesource,
196196
boolisLocal,boolchangeVal);
197-
externvoidShowGUCConfigOption(constchar*name,DestReceiver*dest);
198-
externvoidShowAllGUCConfig(DestReceiver*dest);
199197
externchar*GetConfigOptionByName(constchar*name,constchar**varname);
200198
externvoidGetConfigOptionByNum(intvarnum,constchar**values,bool*noshow);
201199
externintGetNumConfigOptions(void);

‎src/include/utils/guc_tables.h

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@
77
*
88
* Portions Copyright (c) 1996-2004, PostgreSQL Global Development Group
99
*
10-
* $PostgreSQL: pgsql/src/include/utils/guc_tables.h,v 1.17 2004/10/08 01:36:36 tgl Exp $
10+
* $PostgreSQL: pgsql/src/include/utils/guc_tables.h,v 1.18 2004/10/22 19:48:19 tgl Exp $
1111
*
1212
*-------------------------------------------------------------------------
1313
*/
@@ -123,8 +123,8 @@ struct config_generic
123123
#defineGUC_REPORT0x0010/* auto-report changes to client */
124124
#defineGUC_NOT_IN_SAMPLE0x0020/* not in postgresql.conf.sample */
125125
#defineGUC_DISALLOW_IN_FILE0x0040/* can't set in postgresql.conf */
126-
#defineGUC_CUSTOM_PLACEHOLDER0x0080/* placeholder foracustom
127-
* variable */
126+
#defineGUC_CUSTOM_PLACEHOLDER0x0080/* placeholder for custom variable */
127+
#defineGUC_SUPERUSER_ONLY0x0100/* show only to superusers */
128128

129129
/* bit values in status field */
130130
#defineGUC_HAVE_TENTATIVE0x0001/* tentative value is defined */

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp