pgsql: Fix per-session activation of ALTER {ROLE|DATABASE} SET role.

Noah Misch Fri, 15 Nov 2024 20:44:27 -0800

Fix per-session activation of ALTER {ROLE|DATABASE} SET role.

After commit 5a2fed911a85ed6d8a015a6bafe3a0d9a69334ae, the catalog state
resulting from these commands ceased to affect sessions.  Restore the
longstanding behavior, which is like beginning the session with a SET
ROLE command.  If cherry-picking the CVE-2024-10978 fixes, default to
including this, too.  (This fixes an unintended side effect of fixing
CVE-2024-10978.)  Back-patch to v12, like that commit.  The release team
decided to include v12, despite the original intent to halt v12 commits
earlier this week.


Tom Lane and Noah Misch.  Reported by Etienne LAFARGE.

Discussion: 
https://postgr.es/m/CADOZwSb0UsEr4_UTFXC5k7=fyyk8ukxekucd+-uugjjsgbf...@mail.gmail.com

Branch
------
REL_17_STABLE

Details
-------
https://git.postgresql.org/pg/commitdiff/1c05004a895308da10ec000ba6b92f72f4f5b8e2

Modified Files
--------------
src/backend/utils/init/miscinit.c                  | 20 +++++++++++++-
src/backend/utils/misc/guc.c                       | 10 ++++++-
src/test/modules/unsafe_tests/Makefile             |  5 +++-
.../modules/unsafe_tests/expected/setconfig.out    | 31 ++++++++++++++++++++++
src/test/modules/unsafe_tests/meson.build          |  3 +++
src/test/modules/unsafe_tests/sql/setconfig.sql    | 24 +++++++++++++++++
6 files changed, 90 insertions(+), 3 deletions(-)

pgsql: Fix per-session activation of ALTER {ROLE|DATABASE} SET role.

Reply via email to