Re: [GENERAL] pgpass file type restrictions - Mailing list pgsql-general

From Bruce Momjian
Subject Re: [GENERAL] pgpass file type restrictions
Date
Msg-id 20180129034829.GC11620@momjian.us
Whole thread Raw
In response to Re: [GENERAL] pgpass file type restrictions  (Andrew Dunstan <andrew.dunstan@2ndquadrant.com>)
List pgsql-general
On Thu, Oct 19, 2017 at 08:22:18AM -0400, Andrew Dunstan wrote:
> 
> 
> On 10/19/2017 02:12 AM, Tom Lane wrote:
> > Desidero <desidero@gmail.com> writes:
> >> I’m running into problems with the restriction on pgpass file types. When
> >> attempting to use something like an anonymous pipe for a passfile, psql
> >> throws an error stating that it only accepts plain files.
> >> ...
> >> Does anyone know why it’s set up to avoid using things like anonymous pipes
> >> (or anything but "plain files")?
> > A bit of digging in the git history says that the check was added here:
> >
> >     commit 453d74b99c9ba6e5e75d214b0d7bec13553ded89
> >     Author: Bruce Momjian <bruce@momjian.us>
> >     Date:   Fri Jun 10 03:02:30 2005 +0000
> >     
> >         Add the "PGPASSFILE" environment variable to specify to the password
> >         file.
> >         
> >         Andrew Dunstan
> >     
> > and poking around in the mailing list archives from that time finds
> > what seems to be the originating thread:
> >
> > https://www.postgresql.org/message-id/flat/4123BF8C.5000909%40pse-consulting.de
> >
> > There's no real discussion there of the check for plain-file-ness.
> > My first guess would have been that the idea was to guard against
> > symlink attacks; but then surely the stat call needed to have been
> > changed to lstat?  So I'm not quite sure of the reasoning.  Perhaps
> > Andrew remembers.
> 
> 
> 
> That was written 13 years ago. I'm afraid my memory isn't that good.

I am coming in late here, but the thread does say:

    https://www.postgresql.org/message-id/200506100302.j5A32aj12016%40candle.pha.pa.us
    
    Another new addition is that we now will check to see that the password
    file is a regular file and not a symlink or something.  This was part of
    your patch for PGPASSFILE but I extended it to ~/.pgpass too.

Seems the stat, and not lstat, usage is a bug.

-- 
  Bruce Momjian  <bruce@momjian.us>        http://momjian.us
  EnterpriseDB                             http://enterprisedb.com

+ As you are, so once was I.  As I am, so you will be. +
+                      Ancient Roman grave inscription +


pgsql-general by date:

Previous
From: "Igal @ Lucee.org"
Date:
Subject: How to Optimize pg_trgm Performance
Next
From: Thiemo Kellner
Date:
Subject: Re: FW: Setting up streaming replication problems