projects / postgresql.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ca6fde9) | patch
Restrict accesses to non-system views and foreign tables during pg_dump.
authorMasahiko Sawada <[email protected]>
Mon, 5 Aug 2024 13:05:33 +0000 (06:05 -0700)
committerMasahiko Sawada <[email protected]>
Mon, 5 Aug 2024 13:05:33 +0000 (06:05 -0700)
commit66e94448abec3aad04faf0a79cab4881ae08e08a
tree1bb205b149e888ec01e3cf374bbd833171102421tree
parentca6fde92258a328a98c1d9e41da5462b73da8529commit | diff
Restrict accesses to non-system views and foreign tables during pg_dump.

When pg_dump retrieves the list of database objects and performs the
data dump, there was possibility that objects are replaced with others
of the same name, such as views, and access them. This vulnerability
could result in code execution with superuser privileges during the
pg_dump process.

This issue can arise when dumping data of sequences, foreign
tables (only 13 or later), or tables registered with a WHERE clause in
the extension configuration table.

To address this, pg_dump now utilizes the newly introduced
restrict_nonsystem_relation_kind GUC parameter to restrict the
accesses to non-system views and foreign tables during the dump
process. This new GUC parameter is added to back branches too, but
these changes do not require cluster recreation.

Back-patch to all supported branches.

Reviewed-by: Noah Misch
Security: CVE-2024-7348
Backpatch-through: 12
15 files changed:
contrib/postgres_fdw/expected/postgres_fdw.out diff | blob | blame | history
contrib/postgres_fdw/sql/postgres_fdw.sql diff | blob | blame | history
doc/src/sgml/config.sgml diff | blob | blame | history
doc/src/sgml/ref/pg_dump.sgml diff | blob | blame | history
src/backend/foreign/foreign.c diff | blob | blame | history
src/backend/optimizer/plan/createplan.c diff | blob | blame | history
src/backend/optimizer/util/plancat.c diff | blob | blame | history
src/backend/rewrite/rewriteHandler.c diff | blob | blame | history
src/backend/tcop/postgres.c diff | blob | blame | history
src/backend/utils/misc/guc_tables.c diff | blob | blame | history
src/bin/pg_dump/pg_dump.c diff | blob | blame | history
src/include/tcop/tcopprot.h diff | blob | blame | history
src/include/utils/guc_hooks.h diff | blob | blame | history
src/test/regress/expected/create_view.out diff | blob | blame | history
src/test/regress/sql/create_view.sql diff | blob | blame | history
This is the main PostgreSQL git repository.