upstream/postgresql
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2026-03-16 15:43:31 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
postgresql/src
History
Tom Lane 95f5a52372 Parallel workers use AuthenticatedUserId for connection privilege checks. 
Commit 5a2fed911 had an unexpected side-effect: the parallel worker
launched for the new test case would fail if it couldn't use a
superuser-reserved connection slot.  The reason that test failed
while all our pre-existing ones worked is that the connection
privilege tests in InitPostgres had been based on the superuserness
of the leader's AuthenticatedUserId, but after the rearrangements
of 5a2fed911 we were testing the superuserness of CurrentUserId,
which the new test case deliberately made to be a non-superuser.

This all seems very accidental and probably not the behavior we really
want, but a security patch is no time to be redesigning things.
Pending some discussion about desirable semantics, hack it so that
InitPostgres continues to pay attention to the superuserness of
AuthenticatedUserId when starting a parallel worker.

Nathan Bossart and Tom Lane, per buildfarm member sawshark.

Security: CVE-2024-10978
2024-11-11 17:05:53 -05:00
..
backend Parallel workers use AuthenticatedUserId for connection privilege checks. 2024-11-11 17:05:53 -05:00
bin Translation updates 2024-11-11 13:53:52 +01:00
common Guard against enormously long input in pg_saslprep(). 2024-10-28 14:33:55 -04:00
fe_utils Prevent mis-encoding of "trailing junk after numeric literal" errors. 2024-09-05 12:42:33 -04:00
include Fix improper interactions between session_authorization and role. 2024-11-11 10:29:54 -05:00
interfaces Translation updates 2024-11-11 13:53:52 +01:00
makefiles Use --strip-unneeded when stripping static libraries with GNU strip. 2023-04-20 18:12:32 -04:00
pl Fix cross-version upgrade tests. 2024-11-11 13:57:40 -05:00
port Fix overflow in bsearch_arg() with more than INT_MAX elements 2024-10-28 14:07:59 +02:00
template Use unnamed POSIX semaphores on Cygwin. 2023-01-06 10:33:28 +13:00
test Fix improper interactions between session_authorization and role. 2024-11-11 10:29:54 -05:00
timezone Update time zone data files to tzdata release 2024b. 2024-10-29 11:49:56 -04:00
tools src/tools/msvc: Respect REGRESS_OPTS in plcheck. 2024-11-11 10:55:18 -08:00
tutorial Pre-beta mechanical code beautification. 2023-05-19 17:24:48 -04:00
.gitignore
DEVELOPERS
Makefile Integrate pg_bsd_indent into our build/test infrastructure. 2023-02-12 12:22:21 -05:00
Makefile.global.in Suppress macOS warnings about duplicate libraries in link commands. 2023-09-29 14:07:30 -04:00
Makefile.shlib Stop using "-multiply_defined suppress" on macOS. 2023-09-26 21:06:21 -04:00
meson.build Integrate pg_bsd_indent into our build/test infrastructure. 2023-02-12 12:22:21 -05:00
nls-global.mk Fix for make unportability 2022-07-13 09:15:01 +02:00