From 6dc249610a87aa8b9dcc8baf4e64d2e14d02f548 Mon Sep 17 00:00:00 2001 From: Peter Eisentraut Date: Wed, 6 Sep 2000 14:15:31 +0000 Subject: Code cleanup of user name and user id handling in the backend. The current user is now defined in terms of the user id, the user name is only computed upon request (for display purposes). This is kind of the opposite of the previous state, which would maintain the user name and compute the user id for permission checks. Besides perhaps saving a few cycles (integer vs string), this now creates a single point of attack for changing the user id during a connection, for purposes of "setuid" functions, etc. --- src/backend/utils/init/miscinit.c | 74 ++++++++++++++------------------------- 1 file changed, 27 insertions(+), 47 deletions(-) (limited to 'src/backend/utils/init/miscinit.c') diff --git a/src/backend/utils/init/miscinit.c b/src/backend/utils/init/miscinit.c index 01182c765a9..20babcc616c 100644 --- a/src/backend/utils/init/miscinit.c +++ b/src/backend/utils/init/miscinit.c @@ -8,7 +8,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/utils/init/miscinit.c,v 1.53 2000/08/03 16:34:24 tgl Exp $ + * $Header: /cvsroot/pgsql/src/backend/utils/init/miscinit.c,v 1.54 2000/09/06 14:15:22 petere Exp $ * *------------------------------------------------------------------------- */ @@ -273,87 +273,67 @@ convertstr(unsigned char *buff, int len, int dest) #endif /* ---------------- - * GetPgUserName and SetPgUserName - * - * SetPgUserName must be called before InitPostgres, since the setuid() - * is done there. + * GetPgUserName * ---------------- */ char * GetPgUserName(void) { - return UserName; -} + HeapTuple tuple; + Oid userid; -void -SetPgUserName(void) -{ -#ifndef NO_SECURITY - char *p; - struct passwd *pw; + userid = GetUserId(); - if (IsUnderPostmaster) - { - /* use the (possibly) authenticated name that's provided */ - if (!(p = getenv("PG_USER"))) - elog(FATAL, "SetPgUserName: PG_USER environment variable is unset"); - } - else - { - /* setuid() has not yet been done, see above comment */ - if (!(pw = getpwuid(geteuid()))) - elog(FATAL, "SetPgUserName: no entry in host passwd file"); - p = pw->pw_name; - } - if (UserName) - free(UserName); - UserName = malloc(strlen(p) + 1); - strcpy(UserName, p); -#endif /* NO_SECURITY */ + tuple = SearchSysCacheTuple(SHADOWSYSID, ObjectIdGetDatum(userid), 0, 0, 0); + if (!HeapTupleIsValid(tuple)) + elog(ERROR, "invalid user id %u", (unsigned) userid); + + return pstrdup( NameStr(((Form_pg_shadow) GETSTRUCT(tuple))->usename) ); } + /* ---------------------------------------------------------------- * GetUserId and SetUserId * ---------------------------------------------------------------- */ static Oid UserId = InvalidOid; -int + +Oid GetUserId() { AssertState(OidIsValid(UserId)); return UserId; } + void -SetUserId() +SetUserId(Oid newid) { - HeapTuple userTup; - char *userName; + UserId = newid; +} - AssertState(!OidIsValid(UserId)); /* only once */ + +void +SetUserIdFromUserName(const char *username) +{ + HeapTuple userTup; /* * Don't do scans if we're bootstrapping, none of the system catalogs * exist yet, and they should be owned by postgres anyway. */ - if (IsBootstrapProcessingMode()) - { - UserId = geteuid(); - return; - } + AssertState(!IsBootstrapProcessingMode()); - userName = GetPgUserName(); userTup = SearchSysCacheTuple(SHADOWNAME, - PointerGetDatum(userName), + PointerGetDatum(username), 0, 0, 0); if (!HeapTupleIsValid(userTup)) - elog(FATAL, "SetUserId: user '%s' is not in '%s'", - userName, - ShadowRelationName); - UserId = (Oid) ((Form_pg_shadow) GETSTRUCT(userTup))->usesysid; + elog(FATAL, "user \"%s\" does not exist", username); + SetUserId( ((Form_pg_shadow) GETSTRUCT(userTup))->usesysid ); } + /*------------------------------------------------------------------------- * * posmaster pid file stuffs. $DATADIR/postmaster.pid is created when: -- cgit v1.2.3