diff options
| author | Magnus Hagander <magnus@hagander.net> | 2008-09-23 21:12:03 +0000 |
|---|---|---|
| committer | Magnus Hagander <magnus@hagander.net> | 2008-09-23 21:12:03 +0000 |
| commit | cdf5357ec9ac3f3ef6d300ddf1651e572033c506 (patch) | |
| tree | f5eff5f601af7675739566f0732962c587a2fa8a /src | |
| parent | 5f7b25d5d594c4cd8a766b8137a7673769ce1fa7 (diff) | |
| download | postgresql-cdf5357ec9ac3f3ef6d300ddf1651e572033c506.tar.gz postgresql-cdf5357ec9ac3f3ef6d300ddf1651e572033c506.zip | |
Only show source file and line numbers to superusers, for consistent
security level with other parts of the system.
Per gripe from Tom
Diffstat (limited to 'src')
| -rw-r--r-- | src/backend/utils/misc/guc.c | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/src/backend/utils/misc/guc.c b/src/backend/utils/misc/guc.c index a33cc0e41cf..f0f49538e78 100644 --- a/src/backend/utils/misc/guc.c +++ b/src/backend/utils/misc/guc.c @@ -10,7 +10,7 @@ * Written by Peter Eisentraut <peter_e@gmx.net>. * * IDENTIFICATION - * $PostgreSQL: pgsql/src/backend/utils/misc/guc.c,v 1.472 2008/09/10 19:16:22 tgl Exp $ + * $PostgreSQL: pgsql/src/backend/utils/misc/guc.c,v 1.473 2008/09/23 21:12:03 mha Exp $ * *-------------------------------------------------------------------- */ @@ -6176,8 +6176,12 @@ GetConfigOptionByNum(int varnum, const char **values, bool *noshow) break; } - /* If the setting came from a config file, set the source location */ - if (conf->source == PGC_S_FILE) + /* + * If the setting came from a config file, set the source location. + * For security reasons, we don't show source file/line number for + * non-superusers. + */ + if (conf->source == PGC_S_FILE && superuser()) { values[12] = conf->sourcefile; snprintf(buffer, sizeof(buffer), "%d", conf->sourceline); |