代码拉取完成,页面将自动刷新
同步操作将从 src-openEuler/postgresql 强制同步,此操作会覆盖自 Fork 仓库以来所做的任何修改,且无法恢复!!!
确定后同步将在后台操作,完成时将刷新页面,请耐心等待。
From b048f558dd7c26a0c630a2cff29d3d8981eaf6b9 Mon Sep 17 00:00:00 2001
From: Alvaro Herrera <[email protected]>
Date: Mon, 10 Feb 2020 11:47:09 -0300
Subject: [PATCH] Fix priv checks for ALTER <object> DEPENDS ON EXTENSION
Marking an object as dependant on an extension did not have any
privilege check whatsoever; this allowed any user to mark objects as
droppable by anyone able to DROP EXTENSION, which could be used to cause
system-wide havoc. Disallow by checking that the calling user owns the
mentioned object.
(No constraints are placed on the extension.)
Security: CVE-2020-1720
Reported-by: Tom Lane
Discussion: [email protected]
---
src/backend/commands/alter.c | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/src/backend/commands/alter.c b/src/backend/commands/alter.c
index fca85ba2c17f..1cb84182b05f 100644
--- a/src/backend/commands/alter.c
+++ b/src/backend/commands/alter.c
@@ -430,6 +430,17 @@ ExecAlterObjectDependsStmt(AlterObjectDependsStmt *stmt, ObjectAddress *refAddre
get_object_address_rv(stmt->objectType, stmt->relation, (List *) stmt->object,
&rel, AccessExclusiveLock, false);
+ /*
+ * Verify that the user is entitled to run the command.
+ *
+ * We don't check any privileges on the extension, because that's not
+ * needed. The object owner is stipulating, by running this command, that
+ * the extension owner can drop the object whenever they feel like it,
+ * which is not considered a problem.
+ */
+ check_object_ownership(GetUserId(),
+ stmt->objectType, address, stmt->object, rel);
+
/*
* If a relation was involved, it would have been opened and locked. We
* don't need the relation here, but we'll retain the lock until commit.
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。