]> granicus.if.org Git - postgresql/commit
projects / postgresql / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 23f34fa) | patch
Use GRANT system to manage access to sensitive functions
authorStephen Frost <sfrost@snowman.net>
Thu, 7 Apr 2016 01:45:32 +0000 (21:45 -0400)
committerStephen Frost <sfrost@snowman.net>
Thu, 7 Apr 2016 01:45:32 +0000 (21:45 -0400)
commit1574783b4ced0356fbc626af1a1a469faa6b41e1
tree1b999ee5c4a940bf220ee491303eae73cffa637ctree | snapshot
parent23f34fa4ba358671adab16773e79c17c92cbc870commit | diff
Use GRANT system to manage access to sensitive functions

Now that pg_dump will properly dump out any ACL changes made to
functions which exist in pg_catalog, switch to using the GRANT system
to manage access to those functions.

This means removing 'if (!superuser()) ereport()' checks from the
functions themselves and then REVOKEing EXECUTE right from 'public' for
these functions in system_views.sql.

Reviews by Alexander Korotkov, Jose Luis Tallon
doc/src/sgml/backup.sgml diff | blob | history
doc/src/sgml/func.sgml diff | blob | history
doc/src/sgml/monitoring.sgml diff | blob | history
src/backend/access/transam/xlogfuncs.c diff | blob | history
src/backend/catalog/system_views.sql diff | blob | history
src/backend/postmaster/pgstat.c diff | blob | history
src/backend/utils/adt/misc.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.