Re: pgsql: Use GRANT system to manage access to sensitive functions - Mailing list pgsql-committers

From Fujii Masao
Subject Re: pgsql: Use GRANT system to manage access to sensitive functions
Date
Msg-id CAHGQGwHZtDitWgNVVNyusadt92QYoTYaEtGzXFzOSA1UpTC9YQ@mail.gmail.com
In response to pgsql: Use GRANT system to manage access to sensitive functions  (Stephen Frost <sfrost@snowman.net>)
List pgsql-committers
On Thu, Apr 7, 2016 at 10:45 AM, Stephen Frost <sfrost@snowman.net> wrote:
> Use GRANT system to manage access to sensitive functions
>
> Now that pg_dump will properly dump out any ACL changes made to
> functions which exist in pg_catalog, switch to using the GRANT system
> to manage access to those functions.
>
> This means removing 'if (!superuser()) ereport()' checks from the
> functions themselves and then REVOKEing EXECUTE right from 'public' for
> these functions in system_views.sql.

This commit revokes the execution privilege on pg_start_backup() from
a replication role. Doesn't this affect many systems where a replication
role is used to take a backup? This commit forces administrators of
those systems to manually grant the privilege to a replication role
when upgrading the system to 9.6.

Regards,

--
Fujii Masao
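
The check an administrator would need after such an upgrade, as an added example that is not part of the original message or of the PostgreSQL sources: it lists every non-superuser role with the REPLICATION attribute, whether it can execute pg_start_backup, and the GRANT to issue if it cannot. The function is looked up by name in pg_catalog so that no argument list is assumed; the output column names are chosen for this example.

```sql
-- Added example: audit EXECUTE on pg_start_backup for replication roles.
-- Run as a superuser in any database of the upgraded cluster.
SELECT r.rolname,
       p.oid::regprocedure AS function_signature,
       -- true if the role (directly, via membership, or via PUBLIC)
       -- holds EXECUTE on this overload
       has_function_privilege(r.oid, p.oid, 'EXECUTE') AS can_execute,
       -- statement to restore access for roles that lost it
       CASE
         WHEN has_function_privilege(r.oid, p.oid, 'EXECUTE') THEN NULL
         ELSE format('GRANT EXECUTE ON FUNCTION %s TO %I;',
                     p.oid::regprocedure, r.rolname)
       END AS suggested_grant
FROM pg_catalog.pg_roles AS r
CROSS JOIN pg_catalog.pg_proc AS p
JOIN pg_catalog.pg_namespace AS n ON n.oid = p.pronamespace
WHERE r.rolreplication            -- roles created WITH REPLICATION
  AND NOT r.rolsuper              -- superusers bypass ACL checks
  AND n.nspname = 'pg_catalog'
  AND p.proname = 'pg_start_backup'
ORDER BY r.rolname, p.oid;
```

Rows with can_execute = false are the backup roles that would fail until the statement in suggested_grant is run.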

