mirror/postgresql
2
0
Fork 0
mirror of https://git.postgresql.org/git/postgresql.git synced 2024-12-15 08:20:16 +08:00
Code Issues Packages Projects Releases Wiki Activity
3f302f0ed0
postgresql/contrib/postgres_fdw
History
Masahiko Sawada 79c7a7e296 Restrict accesses to non-system views and foreign tables during pg_dump. 
When pg_dump retrieves the list of database objects and performs the
data dump, there was possibility that objects are replaced with others
of the same name, such as views, and access them. This vulnerability
could result in code execution with superuser privileges during the
pg_dump process.

This issue can arise when dumping data of sequences, foreign
tables (only 13 or later), or tables registered with a WHERE clause in
the extension configuration table.

To address this, pg_dump now utilizes the newly introduced
restrict_nonsystem_relation_kind GUC parameter to restrict the
accesses to non-system views and foreign tables during the dump
process. This new GUC parameter is added to back branches too, but
these changes do not require cluster recreation.

Back-patch to all supported branches.

Reviewed-by: Noah Misch
Security: CVE-2024-7348
Backpatch-through: 12
2024-08-05 06:05:17 -07:00
..
expected Restrict accesses to non-system views and foreign tables during pg_dump. 2024-08-05 06:05:17 -07:00
sql Restrict accesses to non-system views and foreign tables during pg_dump. 2024-08-05 06:05:17 -07:00
.gitignore
connection.c Make postgres_fdw request remote time zone 'GMT' not 'UTC'. 2024-04-21 13:46:20 -04:00
deparse.c Fix deparsing of Consts in postgres_fdw ORDER BY 2024-03-11 12:29:24 +13:00
Makefile
option.c Avoid using ambiguous word "non-negative" in error messages. 2021-07-28 01:24:24 +09:00
postgres_fdw--1.0.sql
postgres_fdw.c postgres_fdw: Fix assertion in estimate_path_cost_size(). 2022-12-15 21:15:00 +09:00
postgres_fdw.control
postgres_fdw.h Fix postgres_fdw to check shippability of sort clauses properly. 2022-03-31 14:29:24 -04:00
shippable.c