[bugfix] sepgsql missed a case of CREATE TABLE AS
Started by Kohei KaiGaiover 13 years ago1 messages
The attached patch fixes a bug in sepgsql module.
Could you apply both v9.2 and master branch?
When post_create hook is invoked, sepgsql's handler checks
whether the current invocation context needs to have permission
checks according to the command-tag saved on ProcessUtility_hook.
But it overlooked T_CreateTableAs tag, thus, neither of security
label nor permission checks were applied, as if the routine did
on toast relation.
This patch adds this command tag as a context to check permissions.
Thanks,
--
KaiGai Kohei <kaigai@kaigai.gr.jp>
Attachments:
sepgsql-fixbug-create-table-as.patchapplication/octet-stream; name=sepgsql-fixbug-create-table-as.patchDownload
contrib/sepgsql/hooks.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/contrib/sepgsql/hooks.c b/contrib/sepgsql/hooks.c
index 9145191..e24f1fa 100644
--- a/contrib/sepgsql/hooks.c
+++ b/contrib/sepgsql/hooks.c
@@ -121,6 +121,7 @@ sepgsql_object_access(ObjectAccessType access,
switch (sepgsql_context_info.cmdtype)
{
case T_CreateStmt:
+ case T_CreateTableAsStmt:
case T_ViewStmt:
case T_CreateSeqStmt:
case T_CompositeTypeStmt: