mirror of
https://git.postgresql.org/git/postgresql.git
synced 2024-12-15 08:20:16 +08:00
9b5efb80ce
to prevent possible escalation of privilege. Provide new SECURITY DEFINER functions with old behavior, but initially REVOKE ALL from public for these functions. Per list discussion and design proposed by Tom Lane.
165 lines
4.4 KiB
MySQL
165 lines
4.4 KiB
MySQL
-- dblink_connect now restricts non-superusers to password
|
|
-- authenticated connections
|
|
CREATE OR REPLACE FUNCTION dblink_connect (text)
|
|
RETURNS text
|
|
AS 'MODULE_PATHNAME','dblink_connect'
|
|
LANGUAGE 'C' STRICT;
|
|
|
|
CREATE OR REPLACE FUNCTION dblink_connect (text, text)
|
|
RETURNS text
|
|
AS 'MODULE_PATHNAME','dblink_connect'
|
|
LANGUAGE 'C' STRICT;
|
|
|
|
-- dblink_connect_u allows non-superusers to use
|
|
-- non-password authenticated connections, but initially
|
|
-- privileges are revoked from public
|
|
CREATE OR REPLACE FUNCTION dblink_connect_u (text)
|
|
RETURNS text
|
|
AS 'MODULE_PATHNAME','dblink_connect'
|
|
LANGUAGE C STRICT SECURITY DEFINER;
|
|
|
|
CREATE OR REPLACE FUNCTION dblink_connect_u (text, text)
|
|
RETURNS text
|
|
AS 'MODULE_PATHNAME','dblink_connect'
|
|
LANGUAGE C STRICT SECURITY DEFINER;
|
|
|
|
REVOKE ALL ON FUNCTION dblink_connect_u (text) FROM public;
|
|
REVOKE ALL ON FUNCTION dblink_connect_u (text, text) FROM public;
|
|
|
|
CREATE OR REPLACE FUNCTION dblink_disconnect ()
|
|
RETURNS text
|
|
AS 'MODULE_PATHNAME','dblink_disconnect'
|
|
LANGUAGE 'C' STRICT;
|
|
|
|
CREATE OR REPLACE FUNCTION dblink_disconnect (text)
|
|
RETURNS text
|
|
AS 'MODULE_PATHNAME','dblink_disconnect'
|
|
LANGUAGE 'C' STRICT;
|
|
|
|
CREATE OR REPLACE FUNCTION dblink_open (text,text)
|
|
RETURNS text
|
|
AS 'MODULE_PATHNAME','dblink_open'
|
|
LANGUAGE 'C' STRICT;
|
|
|
|
CREATE OR REPLACE FUNCTION dblink_open (text,text,bool)
|
|
RETURNS text
|
|
AS 'MODULE_PATHNAME','dblink_open'
|
|
LANGUAGE 'C' STRICT;
|
|
|
|
CREATE OR REPLACE FUNCTION dblink_open (text,text,text)
|
|
RETURNS text
|
|
AS 'MODULE_PATHNAME','dblink_open'
|
|
LANGUAGE 'C' STRICT;
|
|
|
|
CREATE OR REPLACE FUNCTION dblink_open (text,text,text,bool)
|
|
RETURNS text
|
|
AS 'MODULE_PATHNAME','dblink_open'
|
|
LANGUAGE 'C' STRICT;
|
|
|
|
CREATE OR REPLACE FUNCTION dblink_fetch (text,int)
|
|
RETURNS setof record
|
|
AS 'MODULE_PATHNAME','dblink_fetch'
|
|
LANGUAGE 'C' STRICT;
|
|
|
|
CREATE OR REPLACE FUNCTION dblink_fetch (text,int,bool)
|
|
RETURNS setof record
|
|
AS 'MODULE_PATHNAME','dblink_fetch'
|
|
LANGUAGE 'C' STRICT;
|
|
|
|
CREATE OR REPLACE FUNCTION dblink_fetch (text,text,int)
|
|
RETURNS setof record
|
|
AS 'MODULE_PATHNAME','dblink_fetch'
|
|
LANGUAGE 'C' STRICT;
|
|
|
|
CREATE OR REPLACE FUNCTION dblink_fetch (text,text,int,bool)
|
|
RETURNS setof record
|
|
AS 'MODULE_PATHNAME','dblink_fetch'
|
|
LANGUAGE 'C' STRICT;
|
|
|
|
CREATE OR REPLACE FUNCTION dblink_close (text)
|
|
RETURNS text
|
|
AS 'MODULE_PATHNAME','dblink_close'
|
|
LANGUAGE 'C' STRICT;
|
|
|
|
CREATE OR REPLACE FUNCTION dblink_close (text,bool)
|
|
RETURNS text
|
|
AS 'MODULE_PATHNAME','dblink_close'
|
|
LANGUAGE 'C' STRICT;
|
|
|
|
CREATE OR REPLACE FUNCTION dblink_close (text,text)
|
|
RETURNS text
|
|
AS 'MODULE_PATHNAME','dblink_close'
|
|
LANGUAGE 'C' STRICT;
|
|
|
|
CREATE OR REPLACE FUNCTION dblink_close (text,text,bool)
|
|
RETURNS text
|
|
AS 'MODULE_PATHNAME','dblink_close'
|
|
LANGUAGE 'C' STRICT;
|
|
|
|
CREATE OR REPLACE FUNCTION dblink (text,text)
|
|
RETURNS setof record
|
|
AS 'MODULE_PATHNAME','dblink_record'
|
|
LANGUAGE 'C' STRICT;
|
|
|
|
CREATE OR REPLACE FUNCTION dblink (text,text,bool)
|
|
RETURNS setof record
|
|
AS 'MODULE_PATHNAME','dblink_record'
|
|
LANGUAGE 'C' STRICT;
|
|
|
|
CREATE OR REPLACE FUNCTION dblink (text)
|
|
RETURNS setof record
|
|
AS 'MODULE_PATHNAME','dblink_record'
|
|
LANGUAGE 'C' STRICT;
|
|
|
|
CREATE OR REPLACE FUNCTION dblink (text,bool)
|
|
RETURNS setof record
|
|
AS 'MODULE_PATHNAME','dblink_record'
|
|
LANGUAGE 'C' STRICT;
|
|
|
|
CREATE OR REPLACE FUNCTION dblink_exec (text,text)
|
|
RETURNS text
|
|
AS 'MODULE_PATHNAME','dblink_exec'
|
|
LANGUAGE 'C' STRICT;
|
|
|
|
CREATE OR REPLACE FUNCTION dblink_exec (text,text,bool)
|
|
RETURNS text
|
|
AS 'MODULE_PATHNAME','dblink_exec'
|
|
LANGUAGE 'C' STRICT;
|
|
|
|
CREATE OR REPLACE FUNCTION dblink_exec (text)
|
|
RETURNS text
|
|
AS 'MODULE_PATHNAME','dblink_exec'
|
|
LANGUAGE 'c' STRICT;
|
|
|
|
CREATE OR REPLACE FUNCTION dblink_exec (text,bool)
|
|
RETURNS text
|
|
AS 'MODULE_PATHNAME','dblink_exec'
|
|
LANGUAGE 'c' STRICT;
|
|
|
|
CREATE TYPE dblink_pkey_results AS (position int4, colname text);
|
|
|
|
CREATE OR REPLACE FUNCTION dblink_get_pkey (text)
|
|
RETURNS setof dblink_pkey_results
|
|
AS 'MODULE_PATHNAME','dblink_get_pkey'
|
|
LANGUAGE 'c' STRICT;
|
|
|
|
CREATE OR REPLACE FUNCTION dblink_build_sql_insert (text, int2vector, int4, _text, _text)
|
|
RETURNS text
|
|
AS 'MODULE_PATHNAME','dblink_build_sql_insert'
|
|
LANGUAGE 'C' STRICT;
|
|
|
|
CREATE OR REPLACE FUNCTION dblink_build_sql_delete (text, int2vector, int4, _text)
|
|
RETURNS text
|
|
AS 'MODULE_PATHNAME','dblink_build_sql_delete'
|
|
LANGUAGE 'C' STRICT;
|
|
|
|
CREATE OR REPLACE FUNCTION dblink_build_sql_update (text, int2vector, int4, _text, _text)
|
|
RETURNS text
|
|
AS 'MODULE_PATHNAME','dblink_build_sql_update'
|
|
LANGUAGE 'C' STRICT;
|
|
|
|
CREATE OR REPLACE FUNCTION dblink_current_query ()
|
|
RETURNS text
|
|
AS 'MODULE_PATHNAME','dblink_current_query'
|
|
LANGUAGE 'C';
|