Обсуждение: pgsql: Simplify validate_exec() by using access(2) to check file
pgsql: Simplify validate_exec() by using access(2) to check file
От
tgl@postgresql.org (Tom Lane)
Дата:
Log Message:
-----------
Simplify validate_exec() by using access(2) to check file permissions,
rather than trying to implement the equivalent logic by hand. The motivation
for the original coding appears to have been to check with the effective uid's
permissions not the real uid's; but there is no longer any difference, because
we don't run the postmaster setuid (indeed, main.c enforces that they're the
same). Using access() means we will get it right in situations the original
coding failed to handle, such as ACL-based permissions. Besides it's a lot
shorter, cleaner, and more thread-safe. Per bug #5275 from James Bellinger.
Modified Files:
--------------
pgsql/src/port:
exec.c (r1.66 -> r1.67)
(http://anoncvs.postgresql.org/cvsweb.cgi/pgsql/src/port/exec.c?r1=1.66&r2=1.67)
Tom Lane wrote: > Log Message: > ----------- > Simplify validate_exec() by using access(2) to check file permissions, > rather than trying to implement the equivalent logic by hand. The motivation > for the original coding appears to have been to check with the effective uid's > permissions not the real uid's; but there is no longer any difference, because > we don't run the postmaster setuid (indeed, main.c enforces that they're the > same). Using access() means we will get it right in situations the original > coding failed to handle, such as ACL-based permissions. Besides it's a lot > shorter, cleaner, and more thread-safe. Per bug #5275 from James Bellinger. Are there any outside code modifications now that this is thread-safe? I can't find any myself. -- Bruce Momjian <bruce@momjian.us> http://momjian.us EnterpriseDB http://enterprisedb.com + If your life is a hard drive, Christ can be your backup. +
Bruce Momjian <bruce@momjian.us> writes:
> Are there any outside code modifications now that this is thread-safe?
> I can't find any myself.
I only saw the note to not trust the function in threadable code.
It might let us do some things later, but there doesn't seem to be
an immediate application.
regards, tom lane
Tom Lane wrote: > Bruce Momjian <bruce@momjian.us> writes: > > Are there any outside code modifications now that this is thread-safe? > > I can't find any myself. > > I only saw the note to not trust the function in threadable code. > It might let us do some things later, but there doesn't seem to be > an immediate application. Thanks. That's what I thought too. We do have some code in libpq to handle non-thread-safe functions (by taking a thread lock), but I didn't see any cases where we did that when we called this code. -- Bruce Momjian <bruce@momjian.us> http://momjian.us EnterpriseDB http://enterprisedb.com + If your life is a hard drive, Christ can be your backup. +