external
/
citus
mirror of https://github.com/citusdata/citus.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Only allow transmit from pgsql_job_cache directory

pull/2496/head
Marco Slot 2018-11-27 11:18:49 +01:00
parent 2967d8e65f
commit 9cf91c438b
5 changed files with 21 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/backend/distributed/commands/transmit.c
View File

@ -420,6 +420,12 @@ VerifyTransmitStmt(CopyStmt *copyStatement)
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
(errmsg("path must be in or below the current directory")))); (errmsg("path must be in or below the current directory"))));
} }
else if (!CacheDirectoryElement(fileName))
{
ereport(ERROR,
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
(errmsg("path must be in the pgsql_job_cache directory"))));
}
if (copyStatement->filename != NULL) if (copyStatement->filename != NULL)
{ {

7
src/backend/distributed/worker/worker_partition_protocol.c
View File

@ -643,7 +643,12 @@ CacheDirectoryElement(const char *filename)
appendStringInfo(directoryPath, "base/%s/", PG_JOB_CACHE_DIR); appendStringInfo(directoryPath, "base/%s/", PG_JOB_CACHE_DIR);
directoryPathFound = strstr(filename, directoryPath->data); directoryPathFound = strstr(filename, directoryPath->data);
if (directoryPathFound != NULL)
/*
* If directoryPath occurs at the beginning of the filename, then the
* pointers should now be equal.
*/
if (directoryPathFound == filename)
{ {
directoryElement = true; directoryElement = true;
} }

3
src/test/regress/expected/multi_multiuser.out
View File

@ -109,6 +109,9 @@ PREPARE prepare_select AS SELECT count(*) FROM test;
-- not allowed to read absolute paths, even as superuser -- not allowed to read absolute paths, even as superuser
COPY "/etc/passwd" TO STDOUT WITH (format transmit); COPY "/etc/passwd" TO STDOUT WITH (format transmit);
ERROR: absolute path not allowed ERROR: absolute path not allowed
-- not allowed to read paths outside pgsql_job_cache, even as superuser
COPY "postgresql.conf" TO STDOUT WITH (format transmit);
ERROR: path must be in the pgsql_job_cache directory
-- check full permission -- check full permission
SET ROLE full_access; SET ROLE full_access;
EXECUTE prepare_insert(1); EXECUTE prepare_insert(1);

3
src/test/regress/expected/multi_multiuser_0.out
View File

@ -109,6 +109,9 @@ PREPARE prepare_select AS SELECT count(*) FROM test;
-- not allowed to read absolute paths, even as superuser -- not allowed to read absolute paths, even as superuser
COPY "/etc/passwd" TO STDOUT WITH (format transmit); COPY "/etc/passwd" TO STDOUT WITH (format transmit);
ERROR: absolute path not allowed ERROR: absolute path not allowed
-- not allowed to read paths outside pgsql_job_cache, even as superuser
COPY "postgresql.conf" TO STDOUT WITH (format transmit);
ERROR: path must be in the pgsql_job_cache directory
-- check full permission -- check full permission
SET ROLE full_access; SET ROLE full_access;
EXECUTE prepare_insert(1); EXECUTE prepare_insert(1);

3
src/test/regress/sql/multi_multiuser.sql
View File

@ -87,6 +87,9 @@ PREPARE prepare_select AS SELECT count(*) FROM test;
-- not allowed to read absolute paths, even as superuser -- not allowed to read absolute paths, even as superuser
COPY "/etc/passwd" TO STDOUT WITH (format transmit); COPY "/etc/passwd" TO STDOUT WITH (format transmit);
-- not allowed to read paths outside pgsql_job_cache, even as superuser
COPY "postgresql.conf" TO STDOUT WITH (format transmit);
-- check full permission -- check full permission
SET ROLE full_access; SET ROLE full_access;