author | Fujii Masao <fujii@postgresql.org> | 2020-02-03 12:37:59 +0900 |
---|---|---|
committer | Fujii Masao <fujii@postgresql.org> | 2020-02-03 12:37:59 +0900 |
commit | 0d9f307cf82a96bc7945c9eb86328abc14e55736 (patch) | |
tree | 925087684b8db1417694a16aad29d32333e9b7fd /src/backend/commands/tablecmds.c | |
parent | 24dd34af1435a2a97e8b67d82328e45d0ac51413 (diff) | |
Revert commit de0177788b.
This commit reverts the fix "Make inherited TRUNCATE perform access
permission checks on parent table only" only in the back branches.
It's not hard to imagine that there are some applications expecting
the old behavior and the fix breaks their security. To avoid this
compatibility problem, we decided to apply the fix only in HEAD and
revert it in all supported back branches.
Discussion: https://postgr.es/m/21015.1580400165@sss.pgh.pa.us
Diffstat (limited to 'src/backend/commands/tablecmds.c')
-rw-r--r-- | src/backend/commands/tablecmds.c | 32 |
1 files changed, 7 insertions, 25 deletions
diff --git a/src/backend/commands/tablecmds.c b/src/backend/commands/tablecmds.c index c651047711c..f3d64c6a9ec 100644 --- a/src/backend/commands/tablecmds.c +++ b/src/backend/commands/tablecmds.c @@ -302,7 +302,6 @@ struct DropRelationCallbackState ((child_is_partition) ? DEPENDENCY_AUTO : DEPENDENCY_NORMAL) static void truncate_check_rel(Oid relid, Form_pg_class reltuple); -static void truncate_check_perms(Oid relid, Form_pg_class reltuple); static void truncate_check_activity(Relation rel); static void RangeVarCallbackForTruncate(const RangeVar *relation, Oid relId, Oid oldRelId, void *arg); @@ -1591,12 +1590,6 @@ ExecuteTruncate(TruncateStmt *stmt) continue; } - /* - * Inherited TRUNCATE commands perform access - * permission checks on the parent table only. - * So we skip checking the children's permissions - * and don't call truncate_check_perms() here. - */ truncate_check_rel(RelationGetRelid(rel), rel->rd_rel); truncate_check_activity(rel); @@ -1683,7 +1676,6 @@ ExecuteTruncateGuts(List *explicit_rels, List *relids, List *relids_logged, (errmsg("truncate cascades to table \"%s\"", RelationGetRelationName(rel)))); truncate_check_rel(relid, rel->rd_rel); - truncate_check_perms(relid, rel->rd_rel); truncate_check_activity(rel); rels = lappend(rels, rel); relids = lappend_oid(relids, relid); @@ -1934,6 +1926,7 @@ ExecuteTruncateGuts(List *explicit_rels, List *relids, List *relids_logged, static void truncate_check_rel(Oid relid, Form_pg_class reltuple) { + AclResult aclresult; char *relname = NameStr(reltuple->relname); /* 
@@ -1947,27 +1940,17 @@ truncate_check_rel(Oid relid, Form_pg_class reltuple) (errcode(ERRCODE_WRONG_OBJECT_TYPE), errmsg("\"%s\" is not a table", relname))); - if (!allowSystemTableMods && IsSystemClass(relid, reltuple)) - ereport(ERROR, - (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), - errmsg("permission denied: \"%s\" is a system catalog", - relname))); -} - -/* - * Check that current user has the permission to truncate given relation. - */ -static void -truncate_check_perms(Oid relid, Form_pg_class reltuple) -{ - char *relname = NameStr(reltuple->relname); - AclResult aclresult; - /* Permissions checks */ aclresult = pg_class_aclcheck(relid, GetUserId(), ACL_TRUNCATE); if (aclresult != ACLCHECK_OK) aclcheck_error(aclresult, get_relkind_objtype(reltuple->relkind), relname); + + if (!allowSystemTableMods && IsSystemClass(relid, reltuple)) + ereport(ERROR, + (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), + errmsg("permission denied: \"%s\" is a system catalog", + relname))); } /* @@ -14903,7 +14886,6 @@ RangeVarCallbackForTruncate(const RangeVar *relation, elog(ERROR, "cache lookup failed for relation %u", relId); truncate_check_rel(relId, (Form_pg_class) GETSTRUCT(tuple)); - truncate_check_perms(relId, (Form_pg_class) GETSTRUCT(tuple)); ReleaseSysCache(tuple); } |
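Review bot: The `pg_class_aclcheck(relid, GetUserId(), ACL_TRUNCATE)` call that moves back into truncate_check_rel() carries only the `/* Permissions checks */` comment, and the comment deleted in the -1591 hunk was the one place that explained how inherited children are treated. After this revert every caller of truncate_check_rel() visible in the diff (the child loop in ExecuteTruncate, the cascade path in ExecuteTruncateGuts, RangeVarCallbackForTruncate) enforces the privilege per relation, which the commit message says intentionally differs from HEAD. I would record that at the check, for example `/* Back branches check TRUNCATE privilege on each relation, inheritance children included; HEAD checks the parent only. */`, so a later back-patch of nearby code does not change who may truncate a child table without anyone noticing. The function's header comment lies outside the hunk and may need the same sentence. The diffstat here is limited to tablecmds.c, so it is worth confirming that the regression-test expectations for inherited TRUNCATE were reverted along with the code.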