2011-01-24 09:44:48 +08:00
|
|
|
--
|
|
|
|
-- Regression Test for DML Permissions
|
|
|
|
--
|
|
|
|
--
|
|
|
|
-- Setup
|
|
|
|
--
|
|
|
|
CREATE TABLE t1 (a int, b text);
|
|
|
|
SECURITY LABEL ON TABLE t1 IS 'system_u:object_r:sepgsql_table_t:s0';
|
|
|
|
INSERT INTO t1 VALUES (1, 'aaa'), (2, 'bbb'), (3, 'ccc');
|
|
|
|
CREATE TABLE t2 (x int, y text);
|
|
|
|
SECURITY LABEL ON TABLE t2 IS 'system_u:object_r:sepgsql_ro_table_t:s0';
|
|
|
|
INSERT INTO t2 VALUES (1, 'xxx'), (2, 'yyy'), (3, 'zzz');
|
|
|
|
CREATE TABLE t3 (s int, t text);
|
|
|
|
SECURITY LABEL ON TABLE t3 IS 'system_u:object_r:sepgsql_fixed_table_t:s0';
|
|
|
|
INSERT INTO t3 VALUES (1, 'sss'), (2, 'ttt'), (3, 'uuu');
|
|
|
|
CREATE TABLE t4 (m int, n text);
|
|
|
|
SECURITY LABEL ON TABLE t4 IS 'system_u:object_r:sepgsql_secret_table_t:s0';
|
|
|
|
INSERT INTO t4 VALUES (1, 'mmm'), (2, 'nnn'), (3, 'ooo');
|
|
|
|
CREATE TABLE t5 (e text, f text, g text);
|
|
|
|
SECURITY LABEL ON TABLE t5 IS 'system_u:object_r:sepgsql_table_t:s0';
|
|
|
|
SECURITY LABEL ON COLUMN t5.e IS 'system_u:object_r:sepgsql_table_t:s0';
|
|
|
|
SECURITY LABEL ON COLUMN t5.f IS 'system_u:object_r:sepgsql_ro_table_t:s0';
|
|
|
|
SECURITY LABEL ON COLUMN t5.g IS 'system_u:object_r:sepgsql_secret_table_t:s0';
|
|
|
|
CREATE TABLE customer (cid int primary key, cname text, ccredit text);
|
|
|
|
SECURITY LABEL ON COLUMN customer.ccredit IS 'system_u:object_r:sepgsql_secret_table_t:s0';
|
|
|
|
INSERT INTO customer VALUES (1, 'Taro', '1111-2222-3333-4444'),
|
|
|
|
(2, 'Hanako', '5555-6666-7777-8888');
|
|
|
|
CREATE FUNCTION customer_credit(int) RETURNS text
|
|
|
|
AS 'SELECT regexp_replace(ccredit, ''-[0-9]+$'', ''-????'') FROM customer WHERE cid = $1'
|
|
|
|
LANGUAGE sql;
|
|
|
|
SECURITY LABEL ON FUNCTION customer_credit(int)
|
|
|
|
IS 'system_u:object_r:sepgsql_trusted_proc_exec_t:s0';
|
|
|
|
SELECT objtype, objname, label FROM pg_seclabels
|
|
|
|
WHERE provider = 'selinux'
|
|
|
|
AND objtype in ('table', 'column')
|
2011-02-03 12:46:51 +08:00
|
|
|
AND objname in ('t1', 't2', 't3', 't4', 't5', 't5.e', 't5.f', 't5.g')
|
|
|
|
ORDER BY objname;
|
2011-01-24 09:44:48 +08:00
|
|
|
objtype | objname | label
|
|
|
|
---------+---------+---------------------------------------------
|
|
|
|
table | t1 | system_u:object_r:sepgsql_table_t:s0
|
|
|
|
table | t2 | system_u:object_r:sepgsql_ro_table_t:s0
|
|
|
|
table | t3 | system_u:object_r:sepgsql_fixed_table_t:s0
|
|
|
|
table | t4 | system_u:object_r:sepgsql_secret_table_t:s0
|
|
|
|
table | t5 | system_u:object_r:sepgsql_table_t:s0
|
|
|
|
column | t5.e | system_u:object_r:sepgsql_table_t:s0
|
2011-02-03 12:39:43 +08:00
|
|
|
column | t5.f | system_u:object_r:sepgsql_ro_table_t:s0
|
|
|
|
column | t5.g | system_u:object_r:sepgsql_secret_table_t:s0
|
2011-01-24 09:44:48 +08:00
|
|
|
(8 rows)
|
|
|
|
|
2013-04-05 20:51:31 +08:00
|
|
|
CREATE SCHEMA my_schema_1;
|
|
|
|
CREATE TABLE my_schema_1.ts1 (a int, b text);
|
|
|
|
CREATE SCHEMA my_schema_2;
|
|
|
|
CREATE TABLE my_schema_2.ts2 (x int, y text);
|
|
|
|
SECURITY LABEL ON SCHEMA my_schema_2
|
|
|
|
IS 'system_u:object_r:sepgsql_regtest_invisible_schema_t:s0';
|
2011-01-24 09:44:48 +08:00
|
|
|
-- Hardwired Rules
|
|
|
|
UPDATE pg_attribute SET attisdropped = true
|
|
|
|
WHERE attrelid = 't5'::regclass AND attname = 'f'; -- failed
|
2011-02-03 12:39:43 +08:00
|
|
|
ERROR: SELinux: hardwired security policy violation
|
2011-01-24 09:44:48 +08:00
|
|
|
--
|
|
|
|
-- Simple DML statements
|
|
|
|
--
|
|
|
|
SELECT sepgsql_getcon(); -- confirm client privilege
|
|
|
|
sepgsql_getcon
|
|
|
|
-----------------------------------------------------
|
|
|
|
unconfined_u:unconfined_r:sepgsql_regtest_user_t:s0
|
|
|
|
(1 row)
|
|
|
|
|
|
|
|
SELECT * FROM t1; -- ok
|
|
|
|
a | b
|
|
|
|
---+-----
|
|
|
|
1 | aaa
|
|
|
|
2 | bbb
|
|
|
|
3 | ccc
|
|
|
|
(3 rows)
|
|
|
|
|
|
|
|
SELECT * FROM t2; -- ok
|
|
|
|
x | y
|
|
|
|
---+-----
|
|
|
|
1 | xxx
|
|
|
|
2 | yyy
|
|
|
|
3 | zzz
|
|
|
|
(3 rows)
|
|
|
|
|
|
|
|
SELECT * FROM t3; -- ok
|
|
|
|
s | t
|
|
|
|
---+-----
|
|
|
|
1 | sss
|
|
|
|
2 | ttt
|
|
|
|
3 | uuu
|
|
|
|
(3 rows)
|
|
|
|
|
|
|
|
SELECT * FROM t4; -- failed
|
|
|
|
ERROR: SELinux: security policy violation
|
|
|
|
SELECT * FROM t5; -- failed
|
|
|
|
ERROR: SELinux: security policy violation
|
|
|
|
SELECT e,f FROM t5; -- ok
|
|
|
|
e | f
|
|
|
|
---+---
|
|
|
|
(0 rows)
|
|
|
|
|
|
|
|
SELECT * FROM customer; -- failed
|
|
|
|
ERROR: SELinux: security policy violation
|
|
|
|
SELECT cid, cname, customer_credit(cid) FROM customer; -- ok
|
|
|
|
cid | cname | customer_credit
|
|
|
|
-----+--------+---------------------
|
|
|
|
1 | Taro | 1111-2222-3333-????
|
|
|
|
2 | Hanako | 5555-6666-7777-????
|
|
|
|
(2 rows)
|
|
|
|
|
|
|
|
SELECT count(*) FROM t5; -- ok
|
|
|
|
count
|
|
|
|
-------
|
|
|
|
0
|
|
|
|
(1 row)
|
|
|
|
|
|
|
|
SELECT count(*) FROM t5 WHERE g IS NULL; -- failed
|
|
|
|
ERROR: SELinux: security policy violation
|
|
|
|
INSERT INTO t1 VALUES (4, 'abc'); -- ok
|
|
|
|
INSERT INTO t2 VALUES (4, 'xyz'); -- failed
|
|
|
|
ERROR: SELinux: security policy violation
|
|
|
|
INSERT INTO t3 VALUES (4, 'stu'); -- ok
|
|
|
|
INSERT INTO t4 VALUES (4, 'mno'); -- failed
|
|
|
|
ERROR: SELinux: security policy violation
|
|
|
|
INSERT INTO t5 VALUES (1,2,3); -- failed
|
|
|
|
ERROR: SELinux: security policy violation
|
|
|
|
INSERT INTO t5 (e,f) VALUES ('abc', 'def'); -- failed
|
|
|
|
ERROR: SELinux: security policy violation
|
|
|
|
INSERT INTO t5 (e) VALUES ('abc'); -- ok
|
|
|
|
UPDATE t1 SET b = b || '_upd'; -- ok
|
|
|
|
UPDATE t2 SET y = y || '_upd'; -- failed
|
|
|
|
ERROR: SELinux: security policy violation
|
|
|
|
UPDATE t3 SET t = t || '_upd'; -- failed
|
|
|
|
ERROR: SELinux: security policy violation
|
|
|
|
UPDATE t4 SET n = n || '_upd'; -- failed
|
|
|
|
ERROR: SELinux: security policy violation
|
|
|
|
UPDATE t5 SET e = 'xyz'; -- ok
|
|
|
|
UPDATE t5 SET e = f || '_upd'; -- ok
|
|
|
|
UPDATE t5 SET e = g || '_upd'; -- failed
|
|
|
|
ERROR: SELinux: security policy violation
|
|
|
|
DELETE FROM t1; -- ok
|
|
|
|
DELETE FROM t2; -- failed
|
|
|
|
ERROR: SELinux: security policy violation
|
|
|
|
DELETE FROM t3; -- failed
|
|
|
|
ERROR: SELinux: security policy violation
|
|
|
|
DELETE FROM t4; -- failed
|
|
|
|
ERROR: SELinux: security policy violation
|
|
|
|
DELETE FROM t5; -- ok
|
|
|
|
DELETE FROM t5 WHERE f IS NULL; -- ok
|
|
|
|
DELETE FROM t5 WHERE g IS NULL; -- failed
|
|
|
|
ERROR: SELinux: security policy violation
|
|
|
|
--
|
|
|
|
-- COPY TO/FROM statements
|
|
|
|
--
|
|
|
|
COPY t1 TO '/dev/null'; -- ok
|
|
|
|
COPY t2 TO '/dev/null'; -- ok
|
|
|
|
COPY t3 TO '/dev/null'; -- ok
|
|
|
|
COPY t4 TO '/dev/null'; -- failed
|
|
|
|
ERROR: SELinux: security policy violation
|
|
|
|
COPY t5 TO '/dev/null'; -- failed
|
|
|
|
ERROR: SELinux: security policy violation
|
|
|
|
COPY t5(e,f) TO '/dev/null'; -- ok
|
|
|
|
COPY t1 FROM '/dev/null'; -- ok
|
|
|
|
COPY t2 FROM '/dev/null'; -- failed
|
|
|
|
ERROR: SELinux: security policy violation
|
|
|
|
COPY t3 FROM '/dev/null'; -- ok
|
|
|
|
COPY t4 FROM '/dev/null'; -- failed
|
|
|
|
ERROR: SELinux: security policy violation
|
|
|
|
COPY t5 FROM '/dev/null'; -- failed
|
|
|
|
ERROR: SELinux: security policy violation
|
|
|
|
COPY t5 (e,f) FROM '/dev/null'; -- failed
|
|
|
|
ERROR: SELinux: security policy violation
|
|
|
|
COPY t5 (e) FROM '/dev/null'; -- ok
|
|
|
|
--
|
2013-04-05 20:51:31 +08:00
|
|
|
-- Schema search path
|
|
|
|
--
|
|
|
|
SET search_path = my_schema_1, my_schema_2, public;
|
|
|
|
SELECT * FROM ts1; -- ok
|
|
|
|
a | b
|
|
|
|
---+---
|
|
|
|
(0 rows)
|
|
|
|
|
|
|
|
SELECT * FROM ts2; -- failed (relation not found)
|
|
|
|
ERROR: relation "ts2" does not exist
|
|
|
|
LINE 1: SELECT * FROM ts2;
|
|
|
|
^
|
|
|
|
SELECT * FROM my_schema_2.ts2; -- failed (policy violation)
|
|
|
|
ERROR: SELinux: security policy violation
|
|
|
|
LINE 1: SELECT * FROM my_schema_2.ts2;
|
|
|
|
^
|
|
|
|
--
|
2011-01-24 09:44:48 +08:00
|
|
|
-- Clean up
|
|
|
|
--
|
|
|
|
SELECT sepgsql_getcon(); -- confirm client privilege
|
|
|
|
sepgsql_getcon
|
|
|
|
------------------------------------------------------
|
|
|
|
unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c255
|
|
|
|
(1 row)
|
|
|
|
|
|
|
|
DROP TABLE IF EXISTS t1 CASCADE;
|
|
|
|
DROP TABLE IF EXISTS t2 CASCADE;
|
|
|
|
DROP TABLE IF EXISTS t3 CASCADE;
|
|
|
|
DROP TABLE IF EXISTS t4 CASCADE;
|
|
|
|
DROP TABLE IF EXISTS t5 CASCADE;
|
|
|
|
DROP TABLE IF EXISTS customer CASCADE;
|
2013-04-05 20:51:31 +08:00
|
|
|
DROP SCHEMA IF EXISTS my_schema_1 CASCADE;
|
|
|
|
NOTICE: drop cascades to table my_schema_1.ts1
|
|
|
|
DROP SCHEMA IF EXISTS my_schema_2 CASCADE;
|
|
|
|
NOTICE: drop cascades to table my_schema_2.ts2
|