postgresql/src/include/utils
Tom Lane 187e5d8981
Disallow RESET ROLE and RESET SESSION AUTHORIZATION inside security-definer functions.

This extends the previous patch that forbade SETting these variables inside
security-definer functions.  RESET is equally a security hole, since it
would allow regaining privileges of the caller; furthermore it can trigger
Assert failures and perhaps other internal errors, since the code is not
expecting these variables to change in such contexts.  The previous patch
did not cover this case because assign hooks don't really have enough
information, so move the responsibility for preventing this into guc.c.

Problem discovered by Heikki Linnakangas.

Security: no CVE assigned yet, extends CVE-2007-6600
2009-09-03 22:08:05 +00:00
acl.h 8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list 2009-06-11 14:49:15 +00:00
array.h Remove SQL-compatibility function cardinality(). It is not exactly clear 2009-04-09 17:39:50 +00:00
ascii.h Update copyright for 2009. 2009-01-01 17:24:05 +00:00
builtins.h Support hex-string input and output for type BYTEA. 2009-08-04 16:08:37 +00:00
bytea.h Support hex-string input and output for type BYTEA. 2009-08-04 16:08:37 +00:00
cash.h 8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list 2009-06-11 14:49:15 +00:00
catcache.h Update copyright for 2009. 2009-01-01 17:24:05 +00:00
combocid.h Update copyright for 2009. 2009-01-01 17:24:05 +00:00
date.h 8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list 2009-06-11 14:49:15 +00:00
datetime.h 8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list 2009-06-11 14:49:15 +00:00
datum.h Update copyright for 2009. 2009-01-01 17:24:05 +00:00
dynahash.h Update copyright for 2009. 2009-01-01 17:24:05 +00:00
dynamic_loader.h Update copyright for 2009. 2009-01-01 17:24:05 +00:00
elog.h 8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list 2009-06-11 14:49:15 +00:00
errcodes.h Add new SQL:2008 error codes for invalid LIMIT and OFFSET values. Remove 2009-03-04 10:55:00 +00:00
fmgrtab.h Update copyright for 2009. 2009-01-01 17:24:05 +00:00
formatting.h Update copyright for 2009. 2009-01-01 17:24:05 +00:00
geo_decls.h Update copyright for 2009. 2009-01-01 17:24:05 +00:00
guc.h Disallow RESET ROLE and RESET SESSION AUTHORIZATION inside security-definer 2009-09-03 22:08:05 +00:00
guc_tables.h 8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list 2009-06-11 14:49:15 +00:00
help_config.h Update copyright for 2009. 2009-01-01 17:24:05 +00:00
hsearch.h Update copyright for 2009. 2009-01-01 17:24:05 +00:00
inet.h Update copyright for 2009. 2009-01-01 17:24:05 +00:00
int8.h Update copyright for 2009. 2009-01-01 17:24:05 +00:00
inval.h Update copyright for 2009. 2009-01-01 17:24:05 +00:00
logtape.h Update copyright for 2009. 2009-01-01 17:24:05 +00:00
lsyscache.h Extend EXPLAIN to support output in XML or JSON format. 2009-08-10 05:46:50 +00:00
memutils.h Update copyright for 2009. 2009-01-01 17:24:05 +00:00
nabstime.h Update copyright for 2009. 2009-01-01 17:24:05 +00:00
numeric.h Support EEEE (scientific notation) in to_char(). 2009-08-10 18:29:27 +00:00
palloc.h Update copyright for 2009. 2009-01-01 17:24:05 +00:00
pg_crc.h Update copyright for 2009. 2009-01-01 17:24:05 +00:00
pg_locale.h Update copyright for 2009. 2009-01-01 17:24:05 +00:00
pg_lzcompress.h This patch addresses some issues in TOAST compression strategy that 2008-03-07 23:20:21 +00:00
pg_rusage.h Update copyright for 2009. 2009-01-01 17:24:05 +00:00
plancache.h Update copyright for 2009. 2009-01-01 17:24:05 +00:00
portal.h Update copyright for 2009. 2009-01-01 17:24:05 +00:00
ps_status.h Add GUC update_process_title to control whether 'ps' display is updated 2006-06-27 22:16:44 +00:00
rel.h Add system catalog columns pg_constraint.conindid and pg_trigger.tgconstrindid. 2009-07-28 02:56:31 +00:00
relcache.h Allow backends to start up without use of the flat-file copy of pg_database. 2009-08-12 20:53:31 +00:00
resowner.h Update copyright for 2009. 2009-01-01 17:24:05 +00:00
selfuncs.h 8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list 2009-06-11 14:49:15 +00:00
snapmgr.h 8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list 2009-06-11 14:49:15 +00:00
snapshot.h 8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list 2009-06-11 14:49:15 +00:00
syscache.h Update copyright for 2009. 2009-01-01 17:24:05 +00:00
timestamp.h Fix overflow for INTERVAL 'x ms' where x is more than a couple million, 2009-08-18 21:23:14 +00:00
tqual.h Update copyright for 2009. 2009-01-01 17:24:05 +00:00
tuplesort.h Extend EXPLAIN to support output in XML or JSON format. 2009-08-10 05:46:50 +00:00
tuplestore.h 8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list 2009-06-11 14:49:15 +00:00
typcache.h Update copyright for 2009. 2009-01-01 17:24:05 +00:00
tzparser.h Update copyright for 2009. 2009-01-01 17:24:05 +00:00
uuid.h Update copyright for 2009. 2009-01-01 17:24:05 +00:00
varbit.h Update copyright for 2009. 2009-01-01 17:24:05 +00:00
xml.h Extend EXPLAIN to support output in XML or JSON format. 2009-08-10 05:46:50 +00:00