pgsql: Use GRANT system to manage access to sensitive functions
| От | Stephen Frost |
|---|---|
| Тема | pgsql: Use GRANT system to manage access to sensitive functions |
| Дата | |
| Msg-id | E1anz15-0007q0-Da@gemulon.postgresql.org обсуждение исходный текст |
| Ответы |
Re: pgsql: Use GRANT system to manage access to
sensitive functions
Re: pgsql: Use GRANT system to manage access to sensitive functions Re: pgsql: Use GRANT system to manage access to sensitive functions |
| Список | pgsql-committers |
Use GRANT system to manage access to sensitive functions Now that pg_dump will properly dump out any ACL changes made to functions which exist in pg_catalog, switch to using the GRANT system to manage access to those functions. This means removing 'if (!superuser()) ereport()' checks from the functions themselves and then REVOKEing EXECUTE right from 'public' for these functions in system_views.sql. Reviews by Alexander Korotkov, Jose Luis Tallon Branch ------ master Details ------- http://git.postgresql.org/pg/commitdiff/1574783b4ced0356fbc626af1a1a469faa6b41e1 Modified Files -------------- doc/src/sgml/backup.sgml | 8 +++-- doc/src/sgml/func.sgml | 19 ++++++------ doc/src/sgml/monitoring.sgml | 12 +++++--- src/backend/access/transam/xlogfuncs.c | 56 +++++++++++++--------------------- src/backend/catalog/system_views.sql | 21 +++++++++++++ src/backend/postmaster/pgstat.c | 24 ++++++--------- src/backend/utils/adt/misc.c | 16 ++++------ 7 files changed, 81 insertions(+), 75 deletions(-)
В списке pgsql-committers по дате отправления: