Обсуждение: ALLOW_ABSOLUTE_DBPATHS

Поиск
Список
Период
Сортировка

ALLOW_ABSOLUTE_DBPATHS

От
Eric Hallander
Дата:
In the following snippet from ./src/backend/commands/dbcommands.c, I
cannot see anywhere in the configuration where ALLOW_ABSOLUTE_DBPATHS
gets set, and why this wouldn't be the default anyway. I was creating
databases fine, but
it is possible that I exported PGDATA2, and used this, as I see that
this ifndef definition does not exist in the environment variable
portion of the code.

Anyway, I have been using 7.2.3 on HPUX 11.0

Any thoughts?

There was a post on the 10th in the bugs discussion,
http://archives.postgresql.org/pgsql-bugs/2002-11/msg00080.php but the
reply seems to have an html source issue
http://archives.postgresql.org/pgsql-bugs/2002-11/msg00067.php

I am basically having the same problem, but see in the source where the
issue is.

Eric

static char *
resolve_alt_dbpath(const char *dbpath, Oid dboid)
{
        const char *prefix;
        char       *ret;
        size_t          len;

        if (dbpath == NULL || dbpath[0] == '\0')
                return NULL;

        if (strchr(dbpath, '/'))
        {
                if (dbpath[0] != '/')
                        elog(ERROR, "Relative paths are not allowed as
database locations");
#ifndef ALLOW_ABSOLUTE_DBPATHS
                elog(ERROR, "Absolute paths are not allowed as database
locations");
#endif
                prefix = dbpath;
        }
        else
        {
                /* must be environment variable */
                char       *var = getenv(dbpath);

                if (!var)
                        elog(ERROR, "Postmaster environment variable
'%s' not set", dbpath);
                if (var[0] != '/')
                        elog(ERROR, "Postmaster environment variable
'%s' must be absolute path", dbpath);
                prefix = var;
        }

Re: ALLOW_ABSOLUTE_DBPATHS

От
Tom Lane
Дата:
Eric Hallander <ehallander@tellium.com> writes:
> In the following snippet from ./src/backend/commands/dbcommands.c, I
> cannot see anywhere in the configuration where ALLOW_ABSOLUTE_DBPATHS
> gets set, and why this wouldn't be the default anyway. I was creating
> databases fine, but
> it is possible that I exported PGDATA2, and used this, as I see that
> this ifndef definition does not exist in the environment variable
> portion of the code.

The default configuration is that you MUST define an environment
variable in the postmaster's environment for each intended database
location, and then identify the location of a specific database by
environment variable name, not actual filesystem path.

There are fairly obvious security reasons for not letting database
creators tell the backend to scribble on any-random-pathname, so I
think this is a reasonable default.  The DBA needs to be able to
restrict the set of allowed database locations.

In the long run we should get rid of this environment-variable-based
mechanism in favor of storing the info in a proper SQL table, but until
someone gets 'round to designing and coding that, I have no desire to
change the current behavior.  Certainly "#define ALLOW_ABSOLUTE_DBPATHS"
is *dangerous*.

            regards, tom lane