Re: Misplaced superuser check in pg_log_backend_memory_contexts()
От | Julien Rouhaud |
---|---|
Тема | Re: Misplaced superuser check in pg_log_backend_memory_contexts() |
Дата | |
Msg-id | 20210606071312.cgps4ufp52btdnbb@nol обсуждение исходный текст |
Ответ на | Misplaced superuser check in pg_log_backend_memory_contexts() (Michael Paquier <michael@paquier.xyz>) |
Ответы |
Re: Misplaced superuser check in pg_log_backend_memory_contexts()
|
Список | pgsql-hackers |
On Sun, Jun 06, 2021 at 03:53:10PM +0900, Michael Paquier wrote: > > While reading the code of pg_log_backend_memory_contexts(), I have > been surprised to see that the code would attempt to look at a PROC > entry based on the given input PID *before* checking if the function > has been called by a superuser. This does not strike me as a good > idea as this allows any users to call this function and to take > ProcArrayLock in shared mode, freely. It doesn't seem like a huge problem as at least GetSnapshotData also acquires ProcArrayLock in shared mode. Knowing if a specific pid is a postgres backend or not isn't privileged information either, and anyone can check that using pg_stat_activity as an unprivileged user (which will also acquire ProcArrayLock in shared mode). > > It seems to me that we had better check for a superuser at the > beginning of the function, like in the attached. However +1 for the patch, as it seems more consistent to always get a permission failure if you're not a superuser.
В списке pgsql-hackers по дате отправления: