Re: [HACKERS] Permissions on CHECKPOINT
Okay, okay, complaint withdrawn. Peter, would you commit that permission check? regards, tom lane
Re: [HACKERS] Permissions on CHECKPOINT
[ Charset ISO-8859-1 unsupported, converting... ] > > > What about DoS attacks? What would be the effect of > > > someone's setting off an infinite loop of CHECKPOINTs? > > > > Don't we have bigger DoS attacks? Certainly SELECT cash_out(1) is a > > much bigger one. > > I've missed point - cash_out(1) is bug that should be fixed. > Any reason to add yet another gun? True. I just thought there were many bigger DoS areas. Maybe I am wrong. -- Bruce Momjian| http://candle.pha.pa.us [EMAIL PROTECTED] | (610) 853-3000 + If your life is a hard drive, | 830 Blythe Avenue + Christ can be your backup.| Drexel Hill, Pennsylvania 19026
RE: [HACKERS] Permissions on CHECKPOINT
> > What about DoS attacks? What would be the effect of > > someone's setting off an infinite loop of CHECKPOINTs? > > Don't we have bigger DoS attacks? Certainly SELECT cash_out(1) is a > much bigger one. I've missed point - cash_out(1) is bug that should be fixed. Any reason to add yet another gun? Vadim
Re: [HACKERS] Permissions on CHECKPOINT
> Tom Lane wrote: > >Peter Eisentraut <[EMAIL PROTECTED]> writes: > >> Mikheev, Vadim writes: > >>> Yes, there should be permission checking - I'll add it later (in 7.1) > >>> if no one else. > > > >> Should be simple enough. Is this okay: > > > >Actually, I think a more interesting question is "should CHECKPOINT > >have permission restrictions? If so, what should they be?" > > > >A quite relevant precedent is that Unix systems (at least the ones > >I've used) do not restrict who can call sync(). > > What about DoS attacks? What would be the effect of someone's setting > off an infinite loop of CHECKPOINTs? Don't we have bigger DoS attacks? Certainly SELECT cash_out(1) is a much bigger one. -- Bruce Momjian| http://candle.pha.pa.us [EMAIL PROTECTED] | (610) 853-3000 + If your life is a hard drive, | 830 Blythe Avenue + Christ can be your backup.| Drexel Hill, Pennsylvania 19026
RE: [HACKERS] Permissions on CHECKPOINT
> Actually, I think a more interesting question is "should CHECKPOINT > have permission restrictions? If so, what should they be?" > > A quite relevant precedent is that Unix systems (at least the ones > I've used) do not restrict who can call sync(). Checkpoints 1. affect entire system, 2. increase log output and 3. it's hard operation. Command itself was added mostly for debug purposes. Vadim
RE: [HACKERS] Permissions on CHECKPOINT
> > Yes, there should be permission checking - I'll add it > > later (in 7.1) if no one else. > > Should be simple enough. Is this okay: I think yes - please apply. Vadim
Re: [HACKERS] Permissions on CHECKPOINT
Tom Lane wrote: >Peter Eisentraut <[EMAIL PROTECTED]> writes: >> Mikheev, Vadim writes: >>> Yes, there should be permission checking - I'll add it later (in 7.1) >>> if no one else. > >> Should be simple enough. Is this okay: > >Actually, I think a more interesting question is "should CHECKPOINT >have permission restrictions? If so, what should they be?" > >A quite relevant precedent is that Unix systems (at least the ones >I've used) do not restrict who can call sync(). What about DoS attacks? What would be the effect of someone's setting off an infinite loop of CHECKPOINTs? -- Oliver Elphick[EMAIL PROTECTED] Isle of Wight http://www.lfix.co.uk/oliver PGP: 1024R/32B8FAA1: 97 EA 1D 47 72 3F 28 47 6B 7E 39 CC 56 E4 C1 47 GPG: 1024D/3E1D0C1C: CA12 09E0 E8D5 8870 5839 932A 614D 4C34 3E1D 0C1C "Wash me thoroughly from mine iniquity, and cleanse me from my sin. For I acknowledge my transgressions; and my sin is ever before me. Against thee, thee only, have I sinned, and done this evil in thy sight..." Psalms 51:2-4
Re: [HACKERS] Permissions on CHECKPOINT
Peter Eisentraut <[EMAIL PROTECTED]> writes: > Mikheev, Vadim writes: >> Yes, there should be permission checking - I'll add it later (in 7.1) >> if no one else. > Should be simple enough. Is this okay: Actually, I think a more interesting question is "should CHECKPOINT have permission restrictions? If so, what should they be?" A quite relevant precedent is that Unix systems (at least the ones I've used) do not restrict who can call sync(). regards, tom lane
RE: [HACKERS] Permissions on CHECKPOINT
Mikheev, Vadim writes: > Yes, there should be permission checking - I'll add it later (in 7.1) > if no one else. Should be simple enough. Is this okay: Index: utility.c === RCS file: /home/projects/pgsql/cvsroot/pgsql/src/backend/tcop/utility.c,v retrieving revision 1.105 diff -c -r1.105 utility.c *** utility.c 2001/01/05 06:34:20 1.105 --- utility.c 2001/01/25 16:40:40 *** *** 18,23 --- 18,24 #include "access/heapam.h" #include "catalog/catalog.h" + #include "catalog/pg_shadow.h" #include "commands/async.h" #include "commands/cluster.h" #include "commands/command.h" *** *** 851,856 --- 852,859 { set_ps_display(commandTag = "CHECKPOINT"); + if (!superuser()) + elog(ERROR, "permission denied"); CreateCheckPoint(false); } break; -- Peter Eisentraut [EMAIL PROTECTED] http://yi.org/peter-e/
RE: [HACKERS] Permissions on CHECKPOINT
> >Contrary to what the submitted documentation claims, there is no > >permission checking done on the CHECKPOINT command. > Should there be? > > Vadim seemed to indicate that he was going to make that restriction. > Perhaps I misunderstood. Yes, there should be permission checking - I'll add it later (in 7.1) if no one else. Vadim
Re: [HACKERS] Permissions on CHECKPOINT
Peter Eisentraut wrote: >Contrary to what the submitted documentation claims, there is no >permission checking done on the CHECKPOINT command. Should there be? Vadim seemed to indicate that he was going to make that restriction. Perhaps I misunderstood. If it's too late to make the change for 7.1, the fact should be documented in a Bug section of the man page. >Btw., is there any normal usage application of this command? This relates >to the previous paragraph somewhat. > >-- >Peter Eisentraut [EMAIL PROTECTED] http://yi.org/peter-e/ > -- Oliver Elphick[EMAIL PROTECTED] Isle of Wight http://www.lfix.co.uk/oliver PGP: 1024R/32B8FAA1: 97 EA 1D 47 72 3F 28 47 6B 7E 39 CC 56 E4 C1 47 GPG: 1024D/3E1D0C1C: CA12 09E0 E8D5 8870 5839 932A 614D 4C34 3E1D 0C1C "If anyone has material possessions and sees his brother in need but has no pity on him, how can the love of God be in him?" I John 3:17