From cebf9d6e6ee13cbf9f1a91ec633cf96780ffc985 Mon Sep 17 00:00:00 2001 From: Andrew Dunstan Date: Mon, 13 Jan 2020 18:08:09 +1030 Subject: Only superuser can set sslcert/sslkey in postgres_fdw user mappings Othrwise there is a security risk. Discussion: https://postgr.es/m/20200109103014.GA4192@msg.df7cb.de --- contrib/postgres_fdw/option.c | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'contrib/postgres_fdw/option.c') diff --git a/contrib/postgres_fdw/option.c b/contrib/postgres_fdw/option.c index 4a26056db08..c442af5bb96 100644 --- a/contrib/postgres_fdw/option.c +++ b/contrib/postgres_fdw/option.c @@ -159,6 +159,16 @@ postgres_fdw_validator(PG_FUNCTION_ARGS) errmsg("password_required=false is superuser-only"), errhint("User mappings with the password_required option set to false may only be created or modified by the superuser"))); } + else if (strcmp(def->defname, "sslcert") == 0 || + strcmp(def->defname, "sslkey") == 0) + { + /* similarly for sslcert / sslkey on user mapping */ + if (catalog == UserMappingRelationId && !superuser()) + ereport(ERROR, + (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), + errmsg("sslcert and sslkey are superuser-only"), + errhint("User mappings with the sslcert or sslkey options set may only be created or modified by the superuser"))); + } } PG_RETURN_VOID(); -- cgit v1.2.3