diff options
author | Noah Misch <noah@leadboat.com> | 2017-08-07 07:09:28 -0700 |
---|---|---|
committer | Noah Misch <noah@leadboat.com> | 2017-08-07 07:09:31 -0700 |
commit | 156099630320fcb72d41ae90b91f15ed0dfbc271 (patch) | |
tree | 4d4360494aca71c629ce1a02ca71f22f16a407b9 /src/backend | |
parent | f6fc72cb697295c1807d14ee5c52d2086d1864af (diff) | |
download | postgresql-156099630320fcb72d41ae90b91f15ed0dfbc271.tar.gz postgresql-156099630320fcb72d41ae90b91f15ed0dfbc271.zip |
Again match pg_user_mappings to information_schema.user_mapping_options.
Commit 3eefc51053f250837c3115c12f8119d16881a2d7 claimed to make
pg_user_mappings enforce the qualifications user_mapping_options had
been enforcing, but its removal of a longstanding restriction left them
distinct when the current user is the subject of a mapping yet has no
server privileges. user_mapping_options emits no rows for such a
mapping, but pg_user_mappings includes full umoptions. Change
pg_user_mappings to show null for umoptions. Back-patch to 9.2, like
the above commit.
Reviewed by Tom Lane. Reported by Jeff Janes.
Security: CVE-2017-7547
Diffstat (limited to 'src/backend')
-rw-r--r-- | src/backend/catalog/system_views.sql | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/src/backend/catalog/system_views.sql b/src/backend/catalog/system_views.sql index b769c6f066f..57535a2dea1 100644 --- a/src/backend/catalog/system_views.sql +++ b/src/backend/catalog/system_views.sql @@ -826,7 +826,9 @@ CREATE VIEW pg_user_mappings AS ELSE A.rolname END AS usename, - CASE WHEN (U.umuser <> 0 AND A.rolname = current_user) + CASE WHEN (U.umuser <> 0 AND A.rolname = current_user + AND (pg_has_role(S.srvowner, 'USAGE') + OR has_server_privilege(S.oid, 'USAGE'))) OR (U.umuser = 0 AND pg_has_role(S.srvowner, 'USAGE')) OR (SELECT rolsuper FROM pg_authid WHERE rolname = current_user) THEN U.umoptions |