diff options
| author | Tom Lane <tgl@sss.pgh.pa.us> | 2005-08-22 17:38:20 +0000 |
|---|---|---|
| committer | Tom Lane <tgl@sss.pgh.pa.us> | 2005-08-22 17:38:20 +0000 |
| commit | bf1e33d24a9611583595eb1c6cc2e7ce3fa01da4 (patch) | |
| tree | b5e5df4c4556d631aae7cc3a3cb21489404d598c /src/backend/commands/functioncmds.c | |
| parent | a7f49252d2476cc5996b1e9dbb253cdc521fbb7f (diff) | |
| download | postgresql-bf1e33d24a9611583595eb1c6cc2e7ce3fa01da4.tar.gz postgresql-bf1e33d24a9611583595eb1c6cc2e7ce3fa01da4.zip | |
Fix unwanted denial of ALTER OWNER rights to superusers. There was some
discussion of getting around this by relaxing the checks made for regular
users, but I'm disinclined to toy with the security model right now,
so just special-case it for superusers where needed.
Diffstat (limited to 'src/backend/commands/functioncmds.c')
| -rw-r--r-- | src/backend/commands/functioncmds.c | 35 |
1 files changed, 20 insertions, 15 deletions
diff --git a/src/backend/commands/functioncmds.c b/src/backend/commands/functioncmds.c index 38912b777d9..d6bb902274e 100644 --- a/src/backend/commands/functioncmds.c +++ b/src/backend/commands/functioncmds.c @@ -10,7 +10,7 @@ * * * IDENTIFICATION - * $PostgreSQL: pgsql/src/backend/commands/functioncmds.c,v 1.65 2005/08/01 04:03:55 tgl Exp $ + * $PostgreSQL: pgsql/src/backend/commands/functioncmds.c,v 1.66 2005/08/22 17:38:20 tgl Exp $ * * DESCRIPTION * These routines take the parse tree and pick out the @@ -894,20 +894,25 @@ AlterFunctionOwner(List *name, List *argtypes, Oid newOwnerId) bool isNull; HeapTuple newtuple; - /* Otherwise, must be owner of the existing object */ - if (!pg_proc_ownercheck(procOid,GetUserId())) - aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC, - NameListToString(name)); - - /* Must be able to become new owner */ - check_is_member_of_role(GetUserId(), newOwnerId); - - /* New owner must have CREATE privilege on namespace */ - aclresult = pg_namespace_aclcheck(procForm->pronamespace, newOwnerId, - ACL_CREATE); - if (aclresult != ACLCHECK_OK) - aclcheck_error(aclresult, ACL_KIND_NAMESPACE, - get_namespace_name(procForm->pronamespace)); + /* Superusers can always do it */ + if (!superuser()) + { + /* Otherwise, must be owner of the existing object */ + if (!pg_proc_ownercheck(procOid,GetUserId())) + aclcheck_error(ACLCHECK_NOT_OWNER, ACL_KIND_PROC, + NameListToString(name)); + + /* Must be able to become new owner */ + check_is_member_of_role(GetUserId(), newOwnerId); + + /* New owner must have CREATE privilege on namespace */ + aclresult = pg_namespace_aclcheck(procForm->pronamespace, + newOwnerId, + ACL_CREATE); + if (aclresult != ACLCHECK_OK) + aclcheck_error(aclresult, ACL_KIND_NAMESPACE, + get_namespace_name(procForm->pronamespace)); + } memset(repl_null, ' ', sizeof(repl_null)); memset(repl_repl, ' ', sizeof(repl_repl)); |