Permissions on CHECKPOINT
Contrary to what the submitted documentation claims, there is no
permission checking done on the CHECKPOINT command. Should there be?
Btw., is there any normal usage application of this command? This relates
to the previous paragraph somewhat.
--
Peter Eisentraut peter_e@gmx.net http://yi.org/peter-e/
Peter Eisentraut wrote:
Contrary to what the submitted documentation claims, there is no
permission checking done on the CHECKPOINT command. Should there be?
Vadim seemed to indicate that he was going to make that restriction.
Perhaps I misunderstood.
If it's too late to make the change for 7.1, the fact should be
documented in a Bug section of the man page.
Btw., is there any normal usage application of this command? This relates
to the previous paragraph somewhat.--
Peter Eisentraut peter_e@gmx.net http://yi.org/peter-e/
--
Oliver Elphick Oliver.Elphick@lfix.co.uk
Isle of Wight http://www.lfix.co.uk/oliver
PGP: 1024R/32B8FAA1: 97 EA 1D 47 72 3F 28 47 6B 7E 39 CC 56 E4 C1 47
GPG: 1024D/3E1D0C1C: CA12 09E0 E8D5 8870 5839 932A 614D 4C34 3E1D 0C1C
========================================
"If anyone has material possessions and sees his
brother in need but has no pity on him, how can the
love of God be in him?"
I John 3:17
Import Notes
Reply to msg id not found: MessagefromPeterEisentrautpeter_e@gmx.netofWed24Jan2001230209+0100.Pine.LNX.4.30.0101242259470.1469-100000@peter.localdomain | Resolved by subject fallback
Contrary to what the submitted documentation claims, there is no
permission checking done on the CHECKPOINT command.Should there be?
Vadim seemed to indicate that he was going to make that restriction.
Perhaps I misunderstood.
Yes, there should be permission checking - I'll add it later (in 7.1)
if no one else.
Vadim
Import Notes
Resolved by subject fallback
Mikheev, Vadim writes:
Yes, there should be permission checking - I'll add it later (in 7.1)
if no one else.
Should be simple enough. Is this okay:
Index: utility.c
===================================================================
RCS file: /home/projects/pgsql/cvsroot/pgsql/src/backend/tcop/utility.c,v
retrieving revision 1.105
diff -c -r1.105 utility.c
*** utility.c 2001/01/05 06:34:20 1.105
--- utility.c 2001/01/25 16:40:40
***************
*** 18,23 ****
--- 18,24 ---- #include "access/heapam.h"
#include "catalog/catalog.h"
+ #include "catalog/pg_shadow.h"
#include "commands/async.h"
#include "commands/cluster.h"
#include "commands/command.h"
***************
*** 851,856 ****
--- 852,859 ----
{
set_ps_display(commandTag = "CHECKPOINT");+ if (!superuser())
+ elog(ERROR, "permission denied");
CreateCheckPoint(false);
}
break;--
Peter Eisentraut peter_e@gmx.net http://yi.org/peter-e/
Peter Eisentraut <peter_e@gmx.net> writes:
Mikheev, Vadim writes:
Yes, there should be permission checking - I'll add it later (in 7.1)
if no one else.
Should be simple enough. Is this okay:
Actually, I think a more interesting question is "should CHECKPOINT
have permission restrictions? If so, what should they be?"
A quite relevant precedent is that Unix systems (at least the ones
I've used) do not restrict who can call sync().
regards, tom lane
Hi all,
Re-posting this to -hackers. Will PQprint() remain/disappear/be replaced
in the future?
Thx
Ed
--
������������������������������������
Tom Lane wrote:
Peter Eisentraut <peter_e@gmx.net> writes:
Mikheev, Vadim writes:
Yes, there should be permission checking - I'll add it later (in 7.1)
if no one else.Should be simple enough. Is this okay:
Actually, I think a more interesting question is "should CHECKPOINT
have permission restrictions? If so, what should they be?"A quite relevant precedent is that Unix systems (at least the ones
I've used) do not restrict who can call sync().
What about DoS attacks? What would be the effect of someone's setting
off an infinite loop of CHECKPOINTs?
--
Oliver Elphick Oliver.Elphick@lfix.co.uk
Isle of Wight http://www.lfix.co.uk/oliver
PGP: 1024R/32B8FAA1: 97 EA 1D 47 72 3F 28 47 6B 7E 39 CC 56 E4 C1 47
GPG: 1024D/3E1D0C1C: CA12 09E0 E8D5 8870 5839 932A 614D 4C34 3E1D 0C1C
========================================
"Wash me thoroughly from mine iniquity, and cleanse me
from my sin. For I acknowledge my transgressions; and
my sin is ever before me. Against thee, thee only,
have I sinned, and done this evil in thy sight..."
Psalms 51:2-4
Import Notes
Reply to msg id not found: MessagefromTomLanetgl@sss.pgh.pa.usofFri26Jan2001000825EST.28767.980485705@sss.pgh.pa.us | Resolved by subject fallback
Yes, there should be permission checking - I'll add it
later (in 7.1) if no one else.Should be simple enough. Is this okay:
I think yes - please apply.
Vadim
Import Notes
Resolved by subject fallback
Actually, I think a more interesting question is "should CHECKPOINT
have permission restrictions? If so, what should they be?"A quite relevant precedent is that Unix systems (at least the ones
I've used) do not restrict who can call sync().
Checkpoints 1. affect entire system, 2. increase log output and
3. it's hard operation. Command itself was added mostly for debug
purposes.
Vadim
Import Notes
Resolved by subject fallback
Tom Lane wrote:
Peter Eisentraut <peter_e@gmx.net> writes:
Mikheev, Vadim writes:
Yes, there should be permission checking - I'll add it later (in 7.1)
if no one else.Should be simple enough. Is this okay:
Actually, I think a more interesting question is "should CHECKPOINT
have permission restrictions? If so, what should they be?"A quite relevant precedent is that Unix systems (at least the ones
I've used) do not restrict who can call sync().What about DoS attacks? What would be the effect of someone's setting
off an infinite loop of CHECKPOINTs?
Don't we have bigger DoS attacks? Certainly SELECT cash_out(1) is a
much bigger one.
--
Bruce Momjian | http://candle.pha.pa.us
pgman@candle.pha.pa.us | (610) 853-3000
+ If your life is a hard drive, | 830 Blythe Avenue
+ Christ can be your backup. | Drexel Hill, Pennsylvania 19026What about DoS attacks? What would be the effect of
someone's setting off an infinite loop of CHECKPOINTs?Don't we have bigger DoS attacks? Certainly SELECT cash_out(1) is a
much bigger one.
I've missed point - cash_out(1) is bug that should be fixed.
Any reason to add yet another gun?
Vadim
Import Notes
Resolved by subject fallback
[ Charset ISO-8859-1 unsupported, converting... ]
What about DoS attacks? What would be the effect of
someone's setting off an infinite loop of CHECKPOINTs?Don't we have bigger DoS attacks? Certainly SELECT cash_out(1) is a
much bigger one.I've missed point - cash_out(1) is bug that should be fixed.
Any reason to add yet another gun?
True. I just thought there were many bigger DoS areas. Maybe I am
wrong.
--
Bruce Momjian | http://candle.pha.pa.us
pgman@candle.pha.pa.us | (610) 853-3000
+ If your life is a hard drive, | 830 Blythe Avenue
+ Christ can be your backup. | Drexel Hill, Pennsylvania 19026Okay, okay, complaint withdrawn. Peter, would you commit that
permission check?
regards, tom lane
Hi all,
Re-posting this to -hackers. Will PQprint() remain/disappear/be replaced
in the future?
No idea. We are not sure who uses it.
--
Bruce Momjian | http://candle.pha.pa.us
pgman@candle.pha.pa.us | (610) 853-3000
+ If your life is a hard drive, | 830 Blythe Avenue
+ Christ can be your backup. | Drexel Hill, Pennsylvania 19026