Home > mailing lists

pgsql: Simplify validate_exec() by using access(2) to check file - Mailing list pgsql-committers

From	tgl@postgresql.org (Tom Lane)
Subject	pgsql: Simplify validate_exec() by using access(2) to check file
Date	January 13, 2010 23:14:19
Msg-id	20100114001406.723627541B9@cvs.postgresql.org Whole thread Raw
Responses	Re: pgsql: Simplify validate_exec() by using access(2) to check file
List	pgsql-committers

Tree view

Log Message:
-----------
Simplify validate_exec() by using access(2) to check file permissions,
rather than trying to implement the equivalent logic by hand.  The motivation
for the original coding appears to have been to check with the effective uid's
permissions not the real uid's; but there is no longer any difference, because
we don't run the postmaster setuid (indeed, main.c enforces that they're the
same).  Using access() means we will get it right in situations the original
coding failed to handle, such as ACL-based permissions.  Besides it's a lot
shorter, cleaner, and more thread-safe.  Per bug #5275 from James Bellinger.

Modified Files:
--------------
    pgsql/src/port:
        exec.c (r1.66 -> r1.67)
        (http://anoncvs.postgresql.org/cvsweb.cgi/pgsql/src/port/exec.c?r1=1.66&r2=1.67)

pgsql-committers by date:

From: tgl@postgresql.org (Tom Lane)
Date: 13 January 2010, 22:16:44
Subject: pgsql: When loading critical system indexes into the relcache, ensure we

From: Bruce Momjian
Date: 14 January 2010, 03:31:05
Subject: Re: pgsql: Simplify validate_exec() by using access(2) to check file

pgsql: Simplify validate_exec() by using access(2) to check file - Mailing list pgsql-committers

Previous

Next