Restrict pgstattuple functions to superusers. While the only one that's

really a glaring security hole is bt_page_items, there's not a very good
use-case for letting ordinary users use 'em, either.
This commit is contained in:
Tom Lane 2007-08-28 23:11:12 +00:00
parent 10f4362255
commit acb6631041
2 changed files with 38 additions and 1 deletions

View File

@ -32,6 +32,7 @@
#include "access/transam.h"
#include "catalog/namespace.h"
#include "catalog/pg_type.h"
#include "miscadmin.h"
#include "utils/builtins.h"
#include "utils/inval.h"
@ -235,6 +236,11 @@ pgstatindex(PG_FUNCTION_ARGS)
uint32 blkno;
BTIndexStat indexStat;
if (!superuser())
ereport(ERROR,
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
(errmsg("must be superuser to use pgstattuple functions"))));
relrv = makeRangeVarFromNameList(textToQualifiedNameList(relname));
rel = relation_openrv(relrv, AccessShareLock);
@ -391,6 +397,11 @@ bt_page_stats(PG_FUNCTION_ARGS)
RangeVar *relrv;
Datum result;
if (!superuser())
ereport(ERROR,
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
(errmsg("must be superuser to use pgstattuple functions"))));
relrv = makeRangeVarFromNameList(textToQualifiedNameList(relname));
rel = relation_openrv(relrv, AccessShareLock);
@ -497,6 +508,11 @@ bt_page_items(PG_FUNCTION_ARGS)
MemoryContext mctx;
struct user_args *uargs = NULL;
if (!superuser())
ereport(ERROR,
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
(errmsg("must be superuser to use pgstattuple functions"))));
if (blkno == 0)
elog(ERROR, "Block 0 is a meta page.");
@ -624,6 +640,11 @@ bt_metap(PG_FUNCTION_ARGS)
RangeVar *relrv;
Datum result;
if (!superuser())
ereport(ERROR,
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
(errmsg("must be superuser to use pgstattuple functions"))));
relrv = makeRangeVarFromNameList(textToQualifiedNameList(relname));
rel = relation_openrv(relrv, AccessShareLock);
@ -691,6 +712,11 @@ pg_relpages(PG_FUNCTION_ARGS)
RangeVar *relrv;
int4 relpages;
if (!superuser())
ereport(ERROR,
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
(errmsg("must be superuser to use pgstattuple functions"))));
relrv = makeRangeVarFromNameList(textToQualifiedNameList(relname));
rel = relation_openrv(relrv, AccessShareLock);

View File

@ -1,5 +1,5 @@
/*
* $PostgreSQL: pgsql/contrib/pgstattuple/pgstattuple.c,v 1.25 2006/10/04 00:29:46 momjian Exp $
* $PostgreSQL: pgsql/contrib/pgstattuple/pgstattuple.c,v 1.25.2.1 2007/08/28 23:11:12 tgl Exp $
*
* Copyright (c) 2001,2002 Tatsuo Ishii
*
@ -32,6 +32,7 @@
#include "access/nbtree.h"
#include "access/transam.h"
#include "catalog/namespace.h"
#include "miscadmin.h"
#include "utils/builtins.h"
@ -163,6 +164,11 @@ pgstattuple(PG_FUNCTION_ARGS)
RangeVar *relrv;
Relation rel;
if (!superuser())
ereport(ERROR,
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
(errmsg("must be superuser to use pgstattuple functions"))));
/* open relation */
relrv = makeRangeVarFromNameList(textToQualifiedNameList(relname));
rel = relation_openrv(relrv, AccessShareLock);
@ -176,6 +182,11 @@ pgstattuplebyid(PG_FUNCTION_ARGS)
Oid relid = PG_GETARG_OID(0);
Relation rel;
if (!superuser())
ereport(ERROR,
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
(errmsg("must be superuser to use pgstattuple functions"))));
/* open relation */
rel = relation_open(relid, AccessShareLock);