Add configurable option controlling security checks in LO functions.

4cd4a54c · Tom Lane · 1c3c0805 · 4cd4a54c · 4cd4a54c
Commit 4cd4a54c authored Jun 04, 1999 by Tom Lane
Hide whitespace changes
Inline Side-by-side

Showing with 16 additions and 2 deletions

src/backend/libpq/be-fsstubs.c src/backend/libpq/be-fsstubs.c +5 -1

src/include/config.h.in src/include/config.h.in +11 -1

No files found.
--- a/src/backend/libpq/be-fsstubs.c
+++ b/src/backend/libpq/be-fsstubs.c
@@ -7,7 +7,7 @@
 *
 *
 * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/libpq/be-fsstubs.c,v 1.34 1999/05/31 22:53:57 tgl Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/libpq/be-fsstubs.c,v 1.35 1999/06/04 21:13:38 tgl Exp $
 *
 * NOTES
 *	  This should be moved to a more appropriate place.  It is here
@@ -334,10 +334,12 @@ lo_import(text *filename)
 	LargeObjectDesc *lobj;
 	Oid			lobjOid;

+#ifndef ALLOW_DANGEROUS_LO_FUNCTIONS
 	if (!superuser())
 		elog(ERROR, "You must have Postgres superuser privilege to use "
 			 "server-side lo_import().\n\tAnyone can use the "
 			 "client-side lo_import() provided by libpq.");
+#endif

 	/*
 	 * open the file to be read in
@@ -405,10 +407,12 @@ lo_export(Oid lobjId, text *filename)
 	LargeObjectDesc *lobj;
 	mode_t		oumask;

+#ifndef ALLOW_DANGEROUS_LO_FUNCTIONS
 	if (!superuser())
 		elog(ERROR, "You must have Postgres superuser privilege to use "
 			 "server-side lo_export().\n\tAnyone can use the "
 			 "client-side lo_export() provided by libpq.");
+#endif

 	/*
 	 * open the inversion "object"

--- a/src/include/config.h.in
+++ b/src/include/config.h.in
@@ -342,7 +342,7 @@ extern void srandom(unsigned int seed);
 #undef USE_POSIX_SIGNALS

 /*
- * Code below this point should not require changes
+ * Pull in OS-specific declarations (using link created by configure)
 */

 #include "os.h"
@@ -494,6 +494,16 @@ extern void srandom(unsigned int seed);
 */
 /* #define PSQL_ALWAYS_GET_PASSWORDS */

+/*
+ * Define this if you want to allow the lo_import and lo_export SQL functions
+ * to be executed by ordinary users.  By default these functions are only
+ * available to the Postgres superuser.  CAUTION: these functions are
+ * SECURITY HOLES since they can read and write any file that the Postgres
+ * backend has permission to access.  If you turn this on, don't say we
+ * didn't warn you.
+ */
+/* #define ALLOW_DANGEROUS_LO_FUNCTIONS */
+
 /*
 * Use btree bulkload code: 
 * this code is moderately slow (~10% slower) compared to the regular