open-dsi
/
postgres
mirror of https://github.com/postgres/postgres
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Set GUC "is_superuser" in all processes that set AuthenticatedUserId.

Browse Source 
It was always false in single-user mode, in autovacuum workers, and in
background workers.  This had no specifically-identified security
consequences, but non-core code or future work might make it
security-relevant.  Back-patch to v11 (all supported versions).

Jelte Fennema-Nio.  Reported by Jelte Fennema-Nio.
pull/150/head
Noah Misch 2 years ago
parent 7854127315
commit 2c3c5ec493
1 changed files with 8 additions and 0 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 8
      src/backend/utils/init/miscinit.c

8
src/backend/utils/init/miscinit.c
Unescape View File

@ -844,6 +844,14 @@ InitializeSessionUserIdStandalone(void)
AuthenticatedUserIsSuperuser = true;
SetSessionUserId(BOOTSTRAP_SUPERUSERID, true);
/*
* XXX This should set SetConfigOption("session_authorization"), too.
* Since we don't, C code will get NULL, and current_setting() will get an
* empty string.
*/
SetConfigOption("is_superuser", "on",
PGC_INTERNAL, PGC_S_DYNAMIC_DEFAULT);
}
/*

Write Preview
Loading…
Cancel
Save