Require SELECT privilege on a table to do dblink_get_pkey(). This is

not all that exciting when the system catalogs are readable by all,
but some people try to lock them down, and would not like this sort of
end run ...

1 files changed, 11 insertions, 2 deletions

diff --git a/contrib/dblink/dblink.c b/contrib/dblink/dblink.c
index 190c7005d64..295a7797725 100644
--- a/contrib/dblink/dblink.c
+++ b/contrib/dblink/dblink.c
@@ -8,7 +8,7 @@
  * Darko Prenosil <Darko.Prenosil@finteh.hr>
  * Shridhar Daithankar <shridhar_daithankar@persistent.co.in>
  *
- * $PostgreSQL: pgsql/contrib/dblink/dblink.c,v 1.64 2007/07/08 17:12:38 joe Exp $
+ * $PostgreSQL: pgsql/contrib/dblink/dblink.c,v 1.65 2007/08/27 01:24:50 tgl Exp $
  * Copyright (c) 2001-2007, PostgreSQL Global Development Group
  * ALL RIGHTS RESERVED;
  *
@@ -51,6 +51,7 @@
 #include "nodes/pg_list.h"
 #include "parser/parse_type.h"
 #include "tcop/tcopprot.h"
+#include "utils/acl.h"
 #include "utils/array.h"
 #include "utils/builtins.h"
 #include "utils/dynahash.h"
@@ -1686,9 +1687,17 @@ get_pkey_attnames(Oid relid, int16 *numatts)
 	char	  **result = NULL;
 	Relation	rel;
 	TupleDesc	tupdesc;
+	AclResult	aclresult;
 
-	/* open relation using relid, get tupdesc */
+	/* open relation using relid, check permissions, get tupdesc */
 	rel = relation_open(relid, AccessShareLock);
+
+	aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(),
+								  ACL_SELECT);
+	if (aclresult != ACLCHECK_OK)
+		aclcheck_error(aclresult, ACL_KIND_CLASS,
+					   RelationGetRelationName(rel));
+
 	tupdesc = rel->rd_att;
 
 	/* initialize numatts to 0 in case no primary key exists */