Password fix. Now people have to do the REVOKE themselves.

28 years ago · df67b83a7a
parent 70ddf2dfc2
commit df67b83a7a
4 changed files with 40 additions and 10 deletions
--- a/src/backend/commands/user.c
+++ b/src/backend/commands/user.c
@ -30,8 +30,11 @@
 #include <tcop/tcopprot.h>
 #include <utils/acl.h>
 #include <utils/rel.h>
+#include <utils/syscache.h>
 #include <commands/user.h>

+static void CheckPgUserAclNotNull(void);
+
 /*---------------------------------------------------------------------
 * UpdatePgPwdFile
 *
@ -93,6 +96,8 @@ void DefineUser(CreateUserStmt *stmt) {
                   inblock;
  int              max_id = -1;

+  if (stmt->password)
+	CheckPgUserAclNotNull();
  if (!(inblock = IsTransactionBlock()))
    BeginTransactionBlock();

@ -204,6 +209,8 @@ extern void AlterUser(AlterUserStmt *stmt) {
                   n,
                   inblock;

+  if (stmt->password)
+	CheckPgUserAclNotNull();
  if (!(inblock = IsTransactionBlock()))
    BeginTransactionBlock();

@ -420,3 +427,30 @@ extern void RemoveUser(char* user) {
  if (IsTransactionBlock() && !inblock)
    EndTransactionBlock();
 }
+
+/*
+ * CheckPgUserAclNotNull
+ *
+ * check to see if there is an ACL on pg_user
+ */
+static void CheckPgUserAclNotNull()
+{
+HeapTuple htp;
+
+	htp = SearchSysCacheTuple(RELNAME, PointerGetDatum(UserRelationName),
+							  0, 0, 0);
+	if (!HeapTupleIsValid(htp))
+	{
+		elog(ERROR, "IsPgUserAclNull: class \"%s\" not found",
+			 UserRelationName);
+	}
+
+	if (heap_attisnull(htp, Anum_pg_class_relacl))
+	{
+		elog(NOTICE, "To use passwords, you have to revoke permissions on pg_user");
+		elog(NOTICE, "so normal users can not read the passwords.");
+		elog(ERROR, "Try 'REVOKE ALL ON pg_user FROM PUBLIC'");
+	}
+	
+	return;
+}
--- a/src/bin/initdb/initdb.sh
+++ b/src/bin/initdb/initdb.sh
@ -26,7 +26,7 @@
 #
 #
 # IDENTIFICATION
-#    $Header: /cvsroot/pgsql/src/bin/initdb/Attic/initdb.sh,v 1.31 1997/12/30 02:26:43 scrappy Exp $
+#    $Header: /cvsroot/pgsql/src/bin/initdb/Attic/initdb.sh,v 1.32 1998/02/19 17:19:45 momjian Exp $
 #
 #-------------------------------------------------------------------------

@ -351,10 +351,6 @@ echo "vacuuming template1"
 echo "vacuum" | postgres -F -Q -D$PGDATA template1 2>&1 > /dev/null |\
 	grep -v "^DEBUG:"

-echo "Altering pg_user acl"
-echo "REVOKE ALL ON pg_user FROM public" | postgres -F -Q -D$PGDATA template1 2>&1 > /dev/null |\
-         grep -v "'DEBUG:"
-
 echo "COPY pg_user TO '$PGDATA/pg_pwd' USING DELIMITERS '\\t'" | postgres -F -Q -D$PGDATA template1 2>&1 > /dev/null |\
         grep -v "'DEBUG:"

--- a/src/include/catalog/pg_user.h
+++ b/src/include/catalog/pg_user.h
@ -7,7 +7,7 @@
 *
 * Copyright (c) 1994, Regents of the University of California
 *
- * $Id: pg_user.h,v 1.8 1997/12/12 16:26:36 momjian Exp $
+ * $Id: pg_user.h,v 1.9 1998/02/19 17:19:51 momjian Exp $
 *
 * NOTES
 *	  the genbki.sh script reads this file and generates .bki
@ -58,7 +58,7 @@ typedef FormData_pg_user *Form_pg_user;
 #define Anum_pg_user_usetrace			4
 #define Anum_pg_user_usesuper			5
 #define Anum_pg_user_usecatupd			6
-#define Anum_pg_user_passwd			7
+#define Anum_pg_user_passwd				7
 #define Anum_pg_user_valuntil			8

 /* ----------------
--- a/src/interfaces/ecpg/include/Makefile
+++ b/src/interfaces/ecpg/include/Makefile
@ -6,9 +6,9 @@ all clean::
 	@echo Nothing to be done.

 install::
-	install ecpglib.h $(DESTDIR)$(HEADERDIR)	
-	install ecpgtype.h $(DESTDIR)$(HEADERDIR)	
-	install sqlca.h $(DESTDIR)$(HEADERDIR)	
+	install $(INSTLOPTS) ecpglib.h $(DESTDIR)$(HEADERDIR)	
+	install $(INSTLOPTS) ecpgtype.h $(DESTDIR)$(HEADERDIR)	
+	install $(INSTLOPTS) sqlca.h $(DESTDIR)$(HEADERDIR)	

 uninstall::
 	rm -f $(DESTDIR)$(HEADERDIR)/ecpglib.h