pgsql: adminpack: Revoke EXECUTE on pg_logfile_rotate()
| От | Stephen Frost |
|---|---|
| Тема | pgsql: adminpack: Revoke EXECUTE on pg_logfile_rotate() |
| Дата | |
| Msg-id | E1fFgsd-0004rq-T1@gemulon.postgresql.org обсуждение исходный текст |
| Список | pgsql-committers |
adminpack: Revoke EXECUTE on pg_logfile_rotate() In 9.6, we moved a number of functions over to using the GRANT system to control access instead of having hard-coded superuser checks. As it turns out, adminpack was creating another function in the catalog for one of those backend functions where the superuser check was removed, specifically pg_rotate_logfile(), but it didn't get the memo about having to REVOKE EXECUTE on the alternative-name function (pg_logfile_rotate()), meaning that in any installations with adminpack on 9.6 and higher, any user is able to run the pg_logfile_rotate() function, which then calls pg_rotate_logfile() and rotates the logfile. Fix by adding a new version of adminpack (1.1) which handles the REVOKE. As this function should have only been available to the superuser, this is a security issue, albeit a minor one. Security: CVE-2018-1115 Branch ------ REL_10_STABLE Details ------- https://git.postgresql.org/pg/commitdiff/20f01fc45996238f7f1007ba704d30663955150a Modified Files -------------- contrib/adminpack/Makefile | 2 +- contrib/adminpack/adminpack--1.0--1.1.sql | 6 ++++++ contrib/adminpack/adminpack.control | 2 +- 3 files changed, 8 insertions(+), 2 deletions(-)
В списке pgsql-committers по дате отправления: