Re: Bug #428: Another security issue with the JDBC driver. - Mailing list pgsql-bugs

OK, patch removed from queue.

> It is now unclear to me the the
>
> catch(PrivilegedActionException pae)
>
> part of the patch is correct.  If a SecurityException is thrown in
> Socket() (as might happen if the policy file did not give the proper
> permissions), then it might be converted into a ClassCastException,
> which is probably the wrong thing to do.
>
> Perhaps I should look into this a bit further.
>
> David Daney.
>
>
> Bruce Momjian wrote:
>
> >Your patch has been added to the PostgreSQL unapplied patches list at:
> >
> >    http://candle.pha.pa.us/cgi-bin/pgpatches
> >
> >I will try to apply it within the next 48 hours.
> >
> >>David Daney (David.Daney@avtrex.com) reports a bug with a severity of 3
> >>The lower the number the more severe it is.
> >>
> >>Short Description
> >>Another security issue with the JDBC driver.
> >>
> >>Long Description
> >>The JDBC driver requires
> >>
> >>  permission java.net.SocketPermission "host:port", "connect";
> >>
> >>in the policy file of the application using the JDBC driver
> >>in the postgresql.jar file.  Since the Socket() call in the
> >>driver is not protected by AccessController.doPrivileged() this
> >>permission must also be granted to the entire application.
> >>
> >>The attached diff fixes it so that the connect permission can be
> >>restricted just the the postgresql.jar codeBase if desired.
> >>
> >>Sample Code
> >>*** PG_Stream.java.orig    Fri Aug 24 09:27:40 2001
> >>--- PG_Stream.java    Fri Aug 24 09:42:14 2001
> >>***************
> >>*** 5,10 ****
> >>--- 5,11 ----
> >>  import java.net.*;
> >>  import java.util.*;
> >>  import java.sql.*;
> >>+ import java.security.*;
> >>  import org.postgresql.*;
> >>  import org.postgresql.core.*;
> >>  import org.postgresql.util.*;
> >>***************
> >>*** 27,32 ****
> >>--- 28,52 ----
> >>      BytePoolDim1 bytePoolDim1 = new BytePoolDim1();
> >>      BytePoolDim2 bytePoolDim2 = new BytePoolDim2();
> >>
> >>+    private static class PrivilegedSocket
> >>+       implements PrivilegedExceptionAction
> >>+    {
> >>+       private String host;
> >>+       private int port;
> >>+
> >>+       PrivilegedSocket(String host, int port)
> >>+       {
> >>+          this.host = host;
> >>+          this.port = port;
> >>+       }
> >>+
> >>+       public Object run() throws Exception
> >>+       {
> >>+          return new Socket(host, port);
> >>+       }
> >>+    }
> >>+
> >>+
> >>    /**
> >>     * Constructor:  Connect to the PostgreSQL back end and return
> >>     * a stream connection.
> >>***************
> >>*** 37,43 ****
> >>     */
> >>    public PG_Stream(String host, int port) throws IOException
> >>    {
> >>!     connection = new Socket(host, port);
> >>
> >>      // Submitted by Jason Venner <jason@idiom.com> adds a 10x speed
> >>      // improvement on FreeBSD machines (caused by a bug in their TCP Stack)
> >>--- 57,69 ----
> >>     */
> >>    public PG_Stream(String host, int port) throws IOException
> >>    {
> >>!      PrivilegedSocket ps = new PrivilegedSocket(host, port);
> >>!      try {
> >>!         connection = (Socket)AccessController.doPrivileged(ps);
> >>!      }
> >>!      catch(PrivilegedActionException pae){
> >>!         throw (IOException)pae.getException();
> >>!      }
> >>
> >>      // Submitted by Jason Venner <jason@idiom.com> adds a 10x speed
> >>      // improvement on FreeBSD machines (caused by a bug in their TCP Stack)
> >>
> >>
> >>No file was uploaded with this report
> >>
> >>
> >>---------------------------(end of broadcast)---------------------------
> >>TIP 5: Have you checked our extensive FAQ?
> >>
> >>http://www.postgresql.org/users-lounge/docs/faq.html
> >>
> >
>
>

--
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 853-3000
  +  If your life is a hard drive,     |  830 Blythe Avenue
  +  Christ can be your backup.        |  Drexel Hill, Pennsylvania 19026