Re: Preventing non-superusers from altering session authorization
Joseph Koshakow <koshy44@gmail.com>
From: Joseph Koshakow <koshy44@gmail.com>
To: Nathan Bossart <nathandbossart@gmail.com>
Cc: PostgreSQL Hackers <pgsql-hackers@lists.postgresql.org>
Date: 2023-07-10T00:54:30Z
Lists: pgsql-hackers
On Sun, Jul 9, 2023 at 1:03 PM Joseph Koshakow <koshy44@gmail.com> wrote: >> * Only a superuser may set auth ID to something other than himself > Is "auth ID" the right term here? Maybe something like "Only a > superuser may set their session authorization/ID to something other > than their authenticated ID." >> But we set the GUC variable >> * is_superuser to indicate whether the *current* session userid is a >> * superuser. > Just a small correction here, I believe the is_superuser GUC is meant > to indicate whether the current user id is a superuser, not the current > session user id. We only update is_superuser in SetSessionAuthorization > because we are also updating the current user id in SetSessionUserId. I just realized that you moved this comment from SetSessionAuthorization. I think we should leave the part about setting the GUC variable is_superuser on top of SetSessionAuthorization since that's where we actually set the GUC. Thanks, Joe Koshakow
Commits
-
Fix privilege check for SET SESSION AUTHORIZATION.
- a0363ab7aafd 17.0 landed
-
Move privilege check for SET SESSION AUTHORIZATION.
- 9987a7bf3406 17.0 landed
-
Rename session_auth_is_superuser to current_role_is_superuser.
- 0fef87753828 17.0 landed