diff options
| author | Tom Lane <tgl@sss.pgh.pa.us> | 2009-10-03 18:04:57 +0000 |
|---|---|---|
| committer | Tom Lane <tgl@sss.pgh.pa.us> | 2009-10-03 18:04:57 +0000 |
| commit | 54d60bbd075a61c7dd2ef384dc930d726d68ee64 (patch) | |
| tree | e42859f4f1d4da1b83497ce59fd2b4713abc0035 /src/backend/utils/misc/guc.c | |
| parent | 66a8417f4e595fe72bf610f58fa013823f00cb47 (diff) | |
| download | postgresql-54d60bbd075a61c7dd2ef384dc930d726d68ee64.tar.gz postgresql-54d60bbd075a61c7dd2ef384dc930d726d68ee64.zip | |
Fix a couple of issues in recent patch to print updates to postgresql.conf
settings: avoid calling superuser() in contexts where it's not defined,
don't leak the transient copies of GetConfigOption output, and avoid the
whole exercise in postmaster child processes.
I found that actually no current caller of GetConfigOption has any use for
its internal check of GUC_SUPERUSER_ONLY. But rather than just remove
that entirely, it seemed better to add a parameter indicating whether to
enforce the check.
Per report from Simon and subsequent testing.
Diffstat (limited to 'src/backend/utils/misc/guc.c')
| -rw-r--r-- | src/backend/utils/misc/guc.c | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/src/backend/utils/misc/guc.c b/src/backend/utils/misc/guc.c index cb743bb55ef..4d5aeee85ce 100644 --- a/src/backend/utils/misc/guc.c +++ b/src/backend/utils/misc/guc.c @@ -10,7 +10,7 @@ * Written by Peter Eisentraut <peter_e@gmx.net>. * * IDENTIFICATION - * $PostgreSQL: pgsql/src/backend/utils/misc/guc.c,v 1.519 2009/09/22 23:43:38 tgl Exp $ + * $PostgreSQL: pgsql/src/backend/utils/misc/guc.c,v 1.520 2009/10/03 18:04:57 tgl Exp $ * *-------------------------------------------------------------------- */ @@ -5197,11 +5197,15 @@ SetConfigOption(const char *name, const char *value, * Fetch the current value of the option `name'. If the option doesn't exist, * throw an ereport and don't return. * + * If restrict_superuser is true, we also enforce that only superusers can + * see GUC_SUPERUSER_ONLY variables. This should only be passed as true + * in user-driven calls. + * * The string is *not* allocated for modification and is really only * valid until the next call to configuration related functions. */ const char * -GetConfigOption(const char *name) +GetConfigOption(const char *name, bool restrict_superuser) { struct config_generic *record; static char buffer[256]; @@ -5211,7 +5215,9 @@ GetConfigOption(const char *name) ereport(ERROR, (errcode(ERRCODE_UNDEFINED_OBJECT), errmsg("unrecognized configuration parameter \"%s\"", name))); - if ((record->flags & GUC_SUPERUSER_ONLY) && !superuser()) + if (restrict_superuser && + (record->flags & GUC_SUPERUSER_ONLY) && + !superuser()) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), errmsg("must be superuser to examine \"%s\"", name))); |