multi_multiuser: test that worker_merge_files_and_query doesn't allow privilege escalation

pull/2911/head
Philip Dubé 2019-08-27 17:08:26 +00:00
parent 60dc42a3ae
commit 5f9e88b260
3 changed files with 45 additions and 7 deletions


@ -402,7 +402,7 @@ INSERT INTO full_access_user_schema.t1 VALUES (1),(2),(3);
-- not allowed to create a table -- not allowed to create a table
SELECT create_distributed_table('full_access_user_schema.t1', 'id'); SELECT create_distributed_table('full_access_user_schema.t1', 'id');
ERROR: permission denied for schema full_access_user_schema ERROR: permission denied for schema full_access_user_schema
CONTEXT: while executing command on localhost:57638 CONTEXT: while executing command on localhost:57637
RESET ROLE; RESET ROLE;
-- now we distribute the table as super user -- now we distribute the table as super user
SELECT create_distributed_table('full_access_user_schema.t1', 'id'); SELECT create_distributed_table('full_access_user_schema.t1', 'id');
@ -536,7 +536,7 @@ ERROR: could not receive file "base/pgsql_job_cache/job_0042/task_000001/p_0000
-- different user should not be able to fetch partition file -- different user should not be able to fetch partition file
SET ROLE usage_access; SET ROLE usage_access;
SELECT worker_fetch_partition_file(42, 1, 1, 1, 'localhost', :worker_1_port); SELECT worker_fetch_partition_file(42, 1, 1, 1, 'localhost', :worker_1_port);
WARNING: could not open file "base/pgsql_job_cache/job_0042/task_000001/p_00001.18007": No such file or directory WARNING: could not open file "base/pgsql_job_cache/job_0042/task_000001/p_00001.17981": No such file or directory
CONTEXT: while executing command on localhost:57637 CONTEXT: while executing command on localhost:57637
ERROR: could not receive file "base/pgsql_job_cache/job_0042/task_000001/p_00001" from localhost:57637 ERROR: could not receive file "base/pgsql_job_cache/job_0042/task_000001/p_00001" from localhost:57637
-- only the user whom created the files should be able to fetch -- only the user whom created the files should be able to fetch
@ -575,7 +575,7 @@ RESET ROLE;
-- test that the super user is unable to read the contents of the intermediate file, -- test that the super user is unable to read the contents of the intermediate file,
-- although it does create the table -- although it does create the table
SELECT worker_merge_files_into_table(42, 1, ARRAY['a'], ARRAY['integer']); SELECT worker_merge_files_into_table(42, 1, ARRAY['a'], ARRAY['integer']);
WARNING: Task file "task_000001.18003" does not have expected suffix ".10" WARNING: Task file "task_000001.17977" does not have expected suffix ".10"
worker_merge_files_into_table worker_merge_files_into_table
------------------------------- -------------------------------
@ -617,7 +617,7 @@ SELECT worker_merge_files_and_run_query(42, 1,
'CREATE TABLE task_000001_merge(merge_column_0 int)', 'CREATE TABLE task_000001_merge(merge_column_0 int)',
'CREATE TABLE task_000001 (a) AS SELECT sum(merge_column_0) FROM task_000001_merge' 'CREATE TABLE task_000001 (a) AS SELECT sum(merge_column_0) FROM task_000001_merge'
); );
WARNING: Task file "task_000001.18003" does not have expected suffix ".10" WARNING: Task file "task_000001.17977" does not have expected suffix ".10"
worker_merge_files_and_run_query worker_merge_files_and_run_query
---------------------------------- ----------------------------------
@ -647,6 +647,19 @@ SELECT worker_merge_files_and_run_query(42, 1,
(1 row) (1 row)
-- test that owner of task cannot execute arbitrary sql
SELECT worker_merge_files_and_run_query(42, 1,
'CREATE TABLE task_000002_merge(merge_column_0 int)',
'DROP USER usage_access'
);
ERROR: permission denied to drop role
CONTEXT: SQL statement "DROP USER usage_access"
SELECT worker_merge_files_and_run_query(42, 1,
'DROP USER usage_access',
'CREATE TABLE task_000002 (a) AS SELECT sum(merge_column_0) FROM task_000002_merge'
);
ERROR: permission denied to drop role
CONTEXT: SQL statement "DROP USER usage_access"
SELECT count(*) FROM pg_merge_job_0042.task_000001_merge; SELECT count(*) FROM pg_merge_job_0042.task_000001_merge;
count count
------- -------


@ -536,7 +536,7 @@ ERROR: could not receive file "base/pgsql_job_cache/job_0042/task_000001/p_0000
-- different user should not be able to fetch partition file -- different user should not be able to fetch partition file
SET ROLE usage_access; SET ROLE usage_access;
SELECT worker_fetch_partition_file(42, 1, 1, 1, 'localhost', :worker_1_port); SELECT worker_fetch_partition_file(42, 1, 1, 1, 'localhost', :worker_1_port);
WARNING: could not open file "base/pgsql_job_cache/job_0042/task_000001/p_00001.18058": No such file or directory WARNING: could not open file "base/pgsql_job_cache/job_0042/task_000001/p_00001.18007": No such file or directory
CONTEXT: while executing command on localhost:57637 CONTEXT: while executing command on localhost:57637
ERROR: could not receive file "base/pgsql_job_cache/job_0042/task_000001/p_00001" from localhost:57637 ERROR: could not receive file "base/pgsql_job_cache/job_0042/task_000001/p_00001" from localhost:57637
-- only the user whom created the files should be able to fetch -- only the user whom created the files should be able to fetch
@ -575,7 +575,7 @@ RESET ROLE;
-- test that the super user is unable to read the contents of the intermediate file, -- test that the super user is unable to read the contents of the intermediate file,
-- although it does create the table -- although it does create the table
SELECT worker_merge_files_into_table(42, 1, ARRAY['a'], ARRAY['integer']); SELECT worker_merge_files_into_table(42, 1, ARRAY['a'], ARRAY['integer']);
WARNING: Task file "task_000001.18054" does not have expected suffix ".10" WARNING: Task file "task_000001.18003" does not have expected suffix ".10"
worker_merge_files_into_table worker_merge_files_into_table
------------------------------- -------------------------------
@ -617,7 +617,7 @@ SELECT worker_merge_files_and_run_query(42, 1,
'CREATE TABLE task_000001_merge(merge_column_0 int)', 'CREATE TABLE task_000001_merge(merge_column_0 int)',
'CREATE TABLE task_000001 (a) AS SELECT sum(merge_column_0) FROM task_000001_merge' 'CREATE TABLE task_000001 (a) AS SELECT sum(merge_column_0) FROM task_000001_merge'
); );
WARNING: Task file "task_000001.18054" does not have expected suffix ".10" WARNING: Task file "task_000001.18003" does not have expected suffix ".10"
worker_merge_files_and_run_query worker_merge_files_and_run_query
---------------------------------- ----------------------------------
@ -647,6 +647,19 @@ SELECT worker_merge_files_and_run_query(42, 1,
(1 row) (1 row)
-- test that owner of task cannot execute arbitrary sql
SELECT worker_merge_files_and_run_query(42, 1,
'CREATE TABLE task_000002_merge(merge_column_0 int)',
'DROP USER usage_access'
);
ERROR: permission denied to drop role
CONTEXT: SQL statement "DROP USER usage_access"
SELECT worker_merge_files_and_run_query(42, 1,
'DROP USER usage_access',
'CREATE TABLE task_000002 (a) AS SELECT sum(merge_column_0) FROM task_000002_merge'
);
ERROR: permission denied to drop role
CONTEXT: SQL statement "DROP USER usage_access"
SELECT count(*) FROM pg_merge_job_0042.task_000001_merge; SELECT count(*) FROM pg_merge_job_0042.task_000001_merge;
count count
------- -------


@ -411,6 +411,18 @@ SELECT worker_merge_files_and_run_query(42, 1,
'CREATE TABLE task_000001_merge(merge_column_0 int)', 'CREATE TABLE task_000001_merge(merge_column_0 int)',
'CREATE TABLE task_000001 (a) AS SELECT sum(merge_column_0) FROM task_000001_merge' 'CREATE TABLE task_000001 (a) AS SELECT sum(merge_column_0) FROM task_000001_merge'
); );
-- test that owner of task cannot execute arbitrary sql
SELECT worker_merge_files_and_run_query(42, 1,
'CREATE TABLE task_000002_merge(merge_column_0 int)',
'DROP USER usage_access'
);
SELECT worker_merge_files_and_run_query(42, 1,
'DROP USER usage_access',
'CREATE TABLE task_000002 (a) AS SELECT sum(merge_column_0) FROM task_000002_merge'
);
SELECT count(*) FROM pg_merge_job_0042.task_000001_merge; SELECT count(*) FROM pg_merge_job_0042.task_000001_merge;
SELECT count(*) FROM pg_merge_job_0042.task_000001; SELECT count(*) FROM pg_merge_job_0042.task_000001;
DROP TABLE pg_merge_job_0042.task_000001, pg_merge_job_0042.task_000001_merge; -- drop table so we can reuse the same files for more tests DROP TABLE pg_merge_job_0042.task_000001, pg_merge_job_0042.task_000001_merge; -- drop table so we can reuse the same files for more tests
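Review bot: The comment on the two added `worker_merge_files_and_run_query(42, 1, ...)` calls says the task owner "cannot execute arbitrary sql", but the expected output shows the statement is executed and then rejected with "permission denied to drop role". What the test actually pins is that the supplied queries run with the caller's privileges rather than elevated ones, so I would word it as `-- test that the supplied queries run with the task owner's privileges, not a superuser's`. Which role the session holds here is set outside the hunk, so check that wording against the preceding role switch. The probe is also destructive: if the check regressed, `usage_access` would be dropped and any later statements that still use the role would fail for an unrelated-looking reason. Following the second call with `SELECT count(*) FROM pg_roles WHERE rolname = 'usage_access';` would record the role's survival in the expected output. The surrounding context lines only query and drop the `task_000001` tables, so nothing here confirms that the first call left no `task_000002_merge` table behind after its second query failed.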