Attached is my proposed patch for this problem, to be put in 7.4.1.  
Please someone give it a quick check.

Tom Lane wrote:
> Peter Eisentraut <[EMAIL PROTECTED]> writes:
> > Tom Lane wrote:
> >> Uh, no, because you can say something like
> >> revoke all on language plperlu from public;
> >> and end up with non-null lanacl (because it instantiates the
> >> default assumption that the owner has all privileges).
> >
> > OK, that needs to be disallowed.
>
> Fair enough.  I thought it was a bit odd to disallow GRANT but allow
> REVOKE anyway.
>
> >> We could possibly hack the backend to avoid that, but I think
> >> pg_dump will need the special-case test anyway since it has to be
> >> able to cope with existing databases, wherein lanacl may be
> >> non-null.
> >
> > So far we know of 1 such database.  I'd like to see some more
> > before we bother about it.
>
> It's a one-line addition --- just put the dumpACL call inside
> "if (lanpltrusted)".  I think it is a reasonable change.  We'd have
> to do something anyway, because the existing pg_dump code is
> certainly broken for dumping untrusted languages from pre-7.3
> databases (it assumes a nonempty lanacl setting in that case).
diff -cr ../cvs-pgsql/src/backend/catalog/aclchk.c ./src/backend/catalog/aclchk.c
*** ../cvs-pgsql/src/backend/catalog/aclchk.c	Sat Nov  1 02:52:13 2003
--- ./src/backend/catalog/aclchk.c	Thu Dec 18 20:20:08 2003
***************
*** 592,601 ****
  			aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_LANGUAGE,
  						   NameStr(pg_language_tuple->lanname));
  
! 		if (!pg_language_tuple->lanpltrusted && stmt->is_grant)
! 			ereport(ERROR,
! 					(errcode(ERRCODE_WRONG_OBJECT_TYPE),
! 					 errmsg("language \"%s\" is not trusted", langname)));
  
  		/*
  		 * If there's no ACL, substitute the proper default.
--- 592,613 ----
  			aclcheck_error(ACLCHECK_NO_PRIV, ACL_KIND_LANGUAGE,
  						   NameStr(pg_language_tuple->lanname));
  
! 		if (!pg_language_tuple->lanpltrusted)
! 		{
! 			if (stmt->is_grant)
! 			{
! 				ereport(ERROR,
! 						(errcode(ERRCODE_WRONG_OBJECT_TYPE),
! 						 errmsg("language \"%s\" is not trusted", langname)));
! 			}
! 			else
! 			{
! 				/* do nothing (like revoking a non-existing privilege) */
! 				ReleaseSysCache(tuple);
! 				heap_close(relation, RowExclusiveLock);
! 				continue;
! 			}
! 		}
  
  		/*
  		 * If there's no ACL, substitute the proper default.
diff -cr ../cvs-pgsql/src/bin/pg_dump/pg_dump.c ./src/bin/pg_dump/pg_dump.c
*** ../cvs-pgsql/src/bin/pg_dump/pg_dump.c	Thu Oct 30 21:24:39 2003
--- ./src/bin/pg_dump/pg_dump.c	Thu Dec 18 21:10:09 2003
***************
*** 3488,3493 ****
--- 3488,3494 ----
  	int			i_lanacl = -1;
  	char	   *lanoid;
  	char	   *lanname;
+ 	bool	    lanpltrusted;
  	char	   *lanacl;
  	const char *lanplcallfoid;
  	const char *lanvalidator;
***************
*** 3528,3533 ****
--- 3529,3535 ----
  		lanoid = PQgetvalue(res, i, i_oid);
  		lanplcallfoid = PQgetvalue(res, i, i_lanplcallfoid);
  		lanname = PQgetvalue(res, i, i_lanname);
+ 		lanpltrusted = (PQgetvalue(res, i, i_lanpltrusted)[0] == 't');
  		if (fout->remoteVersion >= 70300)
  		{
  			lanvalidator = PQgetvalue(res, i, i_lanvalidator);
***************
*** 3580,3586 ****
  						  fmtId(lanname));
  
  		appendPQExpBuffer(defqry, "CREATE %sPROCEDURAL LANGUAGE %s",
! 						  (PQgetvalue(res, i, i_lanpltrusted)[0] == 't') ?
  						  "TRUSTED " : "",
  						  fmtId(lanname));
  		appendPQExpBuffer(defqry, " HANDLER %s",
--- 3582,3588 ----
  						  fmtId(lanname));
  
  		appendPQExpBuffer(defqry, "CREATE %sPROCEDURAL LANGUAGE %s",
! 						  lanpltrusted ?
  						  "TRUSTED " : "",
  						  fmtId(lanname));
  		appendPQExpBuffer(defqry, " HANDLER %s",
***************
*** 3605,3611 ****
  					 "PROCEDURAL LANGUAGE", deps,
  					 defqry->data, delqry->data, NULL, NULL, NULL);
  
! 		if (!aclsSkip)
  		{
  			char	   *tmp = strdup(fmtId(lanname));
  
--- 3607,3613 ----
  					 "PROCEDURAL LANGUAGE", deps,
  					 defqry->data, delqry->data, NULL, NULL, NULL);
  
! 		if (!aclsSkip && lanpltrusted)
  		{
  			char	   *tmp = strdup(fmtId(lanname));
  
---------------------------(end of broadcast)---------------------------
TIP 7: don't forget to increase your free space map settings

Reply via email to