>> *) inet_(client|server)_(addr|port)() and necessary documentation for
>> the four functions.
>> *) area(PATH) and documentation.
>> *) Checks for TEMP privs when creating objects in the temp schema
>> (checks for any object created in a temp namespace).
>> *) With the above change, current_user is now being used to check if
>> CREATE TEMP TABLE should succeed.
>> [ and it gets weirder from there ]
>
> Er, what?
>
> Could we possibly have this separated into multiple patches with some
> coherent purpose to each?
Sure.
patch-network.txt contains the following bits:
*) inet_(client|server)_(addr|port)() and necessary documentation for
the four functions.
> Also, please justify the temp-related changes. I was not aware that we
> had any breakage there.
patch-tmp-schema.txt contains the following bits:
*) Changes pg_namespace_aclmask() so that the superuser is always able
to create objects in the temp namespace.
*) Changes pg_namespace_aclmask() so that if this is a temp namespace,
objects are only allowed to be created in the temp namespace if the
user has TEMP privs on the database. This encompasses all object
creation, not just TEMP tables.
*) InitTempTableNamespace() checks to see if the current user, not the
session user, has access to create a temp namespace.
The first two changes are necessary to support the third change. Now
it's possible to revoke all temp table privs from non-super users and
limiting all creation of temp tables/schemas via a function that's
executed with elevated privs (security definer). Before this change,
it was not possible to have a setuid function to create a temp
table/schema if the session user had no TEMP privs.
Originally you'd brought up some concerns about security problems, but
this patch I believe addresses all of your prior concerns.
patch-area-path.txt contains:
*) Can now determine the area of a closed path.
patch-dfmgr.txt contains:
*) Small tweak to add the library path that's being expanded.
I was using $lib/foo.so and couldn't easily figure out what the error
message, "invalid macro name in dynamic library path" meant without
looking through the source code. With the path in there, at least I
know where to start looking in my config file.
-sc
--
Sean Chittenden
