From f1b4aa2a84732255bd8a34fc9c7994a04409b77a Mon Sep 17 00:00:00 2001 From: Robert Haas Date: Tue, 22 Nov 2011 16:16:26 -0500 Subject: Check for INSERT privileges in SELECT INTO / CREATE TABLE AS. In the normal course of events, this matters only if ALTER DEFAULT PRIVILEGES has been used to revoke default INSERT permission. Whether or not the new behavior is more or less likely to be what the user wants when dealing only with the built-in privilege facilities is arguable, but it's clearly better when using a loadable module such as sepgsql that may use the hook in ExecCheckRTPerms to enforce additional permissions checks. KaiGai Kohei, reviewed by Albe Laurenz --- src/backend/executor/execMain.c | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) (limited to 'src/backend/executor/execMain.c') diff --git a/src/backend/executor/execMain.c b/src/backend/executor/execMain.c index fd7a9ed0339..708831a5c34 100644 --- a/src/backend/executor/execMain.c +++ b/src/backend/executor/execMain.c @@ -2395,6 +2395,8 @@ OpenIntoRel(QueryDesc *queryDesc) Datum reloptions; Oid intoRelationId; DR_intorel *myState; + RangeTblEntry *rte; + AttrNumber attnum; static char *validnsps[] = HEAP_RELOPT_NAMESPACES; Assert(into); @@ -2516,6 +2518,21 @@ OpenIntoRel(QueryDesc *queryDesc) */ intoRelationDesc = heap_open(intoRelationId, AccessExclusiveLock); + /* + * check INSERT permission on the constructed table. + */ + rte = makeNode(RangeTblEntry); + rte->rtekind = RTE_RELATION; + rte->relid = intoRelationId; + rte->relkind = RELKIND_RELATION; + rte->requiredPerms = ACL_INSERT; + + for (attnum = 1; attnum <= queryDesc->tupDesc->natts; attnum++) + rte->modifiedCols = bms_add_member(rte->modifiedCols, + attnum - FirstLowInvalidHeapAttributeNumber); + + ExecCheckRTPerms(list_make1(rte), true); + /* * Now replace the query's DestReceiver with one for SELECT INTO */ -- cgit v1.2.3