Re: [HACKERS] Interest in a SECURITY DEFINER function current_userstack access mechanism? - Mailing list pgsql-hackers

From Nico Williams
Subject Re: [HACKERS] Interest in a SECURITY DEFINER function current_userstack access mechanism?
Date
Msg-id 20171018213021.GE4496@localhost
Whole thread Raw
In response to Re: [HACKERS] Interest in a SECURITY DEFINER function current_userstack access mechanism?  ("David G. Johnston" <david.g.johnston@gmail.com>)
Responses Re: [HACKERS] Interest in a SECURITY DEFINER function current_userstack access mechanism?
List pgsql-hackers
On Wed, Oct 18, 2017 at 02:13:29PM -0700, David G. Johnston wrote:
> > More useful than this, for me, would be a way to get the top-most user.
> 
> That would be "session_user"?

It's not quite since there's a difference between SET SESSION
AUTHORIZATION and SET SESSION ROLE.

But yes, it's what I'm using now.

> > Introducing the concept of a stack at the SQL level here seems, at
> > > first glance, to be over-complicating things.
> >
> > Because of the current implementation of invocation of SECURITY DEFINER
> > functions, a stack is trivial to build, since it's a list of nodes
> > allocated on the C stack in fmgr_security_definer().
> 
> Not saying its difficult (or not) to code in C; but exposing that to SQL
> seems like a big step.

Really?  Why?  I mean, there's an implicit function invocation stack
already.  Reifying some bits of the function call stack is useful.  I
can't think of how this particular reification would be dangerous or set
a bad precedent.

Hmmm, oh, I forgot about GET DIAGNOSTICS!  The stack is already exposed
to SQL.  Maybe we could add a CURRENT_USER item to GET STACKED
DIAGNOSTICS or to the PG_CONTEXT.

> If I was in position to dive deeper I wouldn't foreclose on the stack idea
> but I'd be inclined to see if something else could be made to work with
> reasonable effort.

I would think that the more general approach, if easy enough to
implement, would be better.  I can (and will) live with using
session_user instead of current_user, for now.  But I'm willing to
contribute a patch.

Nico
-- 


-- 
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

pgsql-hackers by date:

Previous
From: "David G. Johnston"
Date:
Subject: Re: [HACKERS] Interest in a SECURITY DEFINER function current_userstack access mechanism?
Next
From: "David G. Johnston"
Date:
Subject: Re: [HACKERS] Interest in a SECURITY DEFINER function current_userstack access mechanism?