Re: Add default role 'pg_access_server_files'

2018-04-06 Thread Stephen Frost
Greetings, * Stephen Frost (sfr...@snowman.net) wrote: > Great, thanks. I'll be doing more review of it myself and see about > pushing it later this afternoon. Took a bit longer as I wanted to check over a few more things, but I've now pushed this. Thanks much for all of the help with review

Re: Add default role 'pg_access_server_files'

2018-04-04 Thread Stephen Frost
Michael, * Michael Paquier (mich...@paquier.xyz) wrote: > On Mon, Apr 02, 2018 at 05:09:21PM -0400, Stephen Frost wrote: > > * Michael Paquier (mich...@paquier.xyz) wrote: > >> No refactoring for pg_file_unlink and its v1.1? > > > > I considered each function and thought about if it'd make sense

Re: Add default role 'pg_access_server_files'

2018-04-02 Thread Michael Paquier
On Mon, Apr 02, 2018 at 05:09:21PM -0400, Stephen Frost wrote: > * Michael Paquier (mich...@paquier.xyz) wrote: >> No refactoring for pg_file_unlink and its v1.1? > > I considered each function and thought about if it'd make sense to > refactor them or if they were simple enough that the

Re: Add default role 'pg_access_server_files'

2018-04-02 Thread Stephen Frost
Michael, all, * Michael Paquier (mich...@paquier.xyz) wrote: > On Sun, Apr 01, 2018 at 09:39:02AM -0400, Stephen Frost wrote: > > Thanks for checking. Attached is an updated version which also includes > > the changes for adminpack, done in a similar manner to how pgstattuple > > was updated, as

Re: Add default role 'pg_access_server_files'

2018-04-01 Thread Michael Paquier
On Sun, Apr 01, 2018 at 09:39:02AM -0400, Stephen Frost wrote: > Thanks for checking. Attached is an updated version which also includes > the changes for adminpack, done in a similar manner to how pgstattuple > was updated, as discussed. Regression tests updated and extended a bit, > doc

Re: Add default role 'pg_access_server_files'

2018-04-01 Thread Stephen Frost
Greetings, * Michael Paquier (mich...@paquier.xyz) wrote: > On Sun, Mar 25, 2018 at 09:43:25PM -0400, Stephen Frost wrote: > > * Michael Paquier (mich...@paquier.xyz) wrote: > >> On Thu, Mar 08, 2018 at 10:15:11AM +0900, Michael Paquier wrote: > >> > Other than that the patch looks in pretty good

Re: Add default role 'pg_access_server_files'

2018-03-26 Thread Michael Paquier
On Sun, Mar 25, 2018 at 09:43:25PM -0400, Stephen Frost wrote: > * Michael Paquier (mich...@paquier.xyz) wrote: >> On Thu, Mar 08, 2018 at 10:15:11AM +0900, Michael Paquier wrote: >> > Other than that the patch looks in pretty good shape to me. >> >> The regression tests of file_fdw are blowing

Re: Add default role 'pg_access_server_files'

2018-03-25 Thread Stephen Frost
Greetings, * Michael Paquier (mich...@paquier.xyz) wrote: > On Thu, Mar 08, 2018 at 10:15:11AM +0900, Michael Paquier wrote: > > Other than that the patch looks in pretty good shape to me. > > The regression tests of file_fdw are blowing up because of an error > string patch 2 changes. Fixed in

Re: Add default role 'pg_access_server_files'

2018-03-07 Thread Stephen Frost
Greetings Michael, * Michael Paquier (mich...@paquier.xyz) wrote: > On Tue, Mar 06, 2018 at 10:00:54AM -0500, Stephen Frost wrote: > > Attached is an updated patch which splits up the permissions as > > suggested up-thread by Magnus: > > > > The default roles added are: > > > > *

Re: Add default role 'pg_access_server_files'

2018-03-06 Thread Stephen Frost
Magnus, all, * Magnus Hagander (mag...@hagander.net) wrote: > On Tue, Jan 2, 2018 at 1:08 PM, Stephen Frost wrote: > > Suggestions on a name for this..? pg_server_copy_program? > > Presumably it would also be used in postgres_fdw, so that seems like a bad > name. Maybe

Re: Add default role 'pg_access_server_files'

2018-01-19 Thread Ryan Murphy
Ok great. Thanks Michael and Stephen for the explanations.

Re: Add default role 'pg_access_server_files'

2018-01-19 Thread Stephen Frost
Michael, all, * Michael Paquier (michael.paqu...@gmail.com) wrote: > On Thu, Jan 18, 2018 at 02:04:45PM +, Ryan Murphy wrote: > > I had not tried this before with my unpatched build of postgres. (In > > retrospect of course I should have). I expected my superuser to be > > able to perform

Re: Add default role 'pg_access_server_files'

2018-01-18 Thread Michael Paquier
On Thu, Jan 18, 2018 at 02:04:45PM +, Ryan Murphy wrote: > I had not tried this before with my unpatched build of postgres. (In > retrospect of course I should have). I expected my superuser to be > able to perform this task, but it seems that for security reasons we > presently don't allow

Re: Add default role 'pg_access_server_files'

2018-01-18 Thread Ryan Murphy
Just circling back on this. I did have a question that came up about the behavior of the server as it is without the patch. I logged into psql with my superuser "postgres": postgres=# select pg_read_file('/Users/postgres/temp'); ERROR: absolute path not allowed I had not tried this

Re: Add default role 'pg_access_server_files'

2018-01-11 Thread Stephen Frost
Thomas, * Thomas Munro (thomas.mu...@enterprisedb.com) wrote: > On Mon, Jan 1, 2018 at 8:19 AM, Stephen Frost wrote: > > This patch adds a new default role called 'pg_access_server_files' which > > allows an administrator to GRANT to a non-superuser role the ability to > >

Re: Add default role 'pg_access_server_files'

2018-01-11 Thread Thomas Munro
On Mon, Jan 1, 2018 at 8:19 AM, Stephen Frost wrote: > Greetings, > > This patch adds a new default role called 'pg_access_server_files' which > allows an administrator to GRANT to a non-superuser role the ability to > access server-side files through PostgreSQL (as the user

Re: Add default role 'pg_access_server_files'

2018-01-06 Thread Ryan Murphy
The following review has been posted through the commitfest application: make installcheck-world: tested, passed Implements feature: tested, passed Spec compliant: not tested Documentation:tested, passed I ran make installcheck-world and all tests passed except one

Re: Add default role 'pg_access_server_files'

2018-01-06 Thread Ryan Murphy
(Duplicated to make sure it's in the commitfest Thread, didn't seem to get in there when I replied to the email) Oops! I made a mistake, which clearly showed up in my last email: I forgot to psql back in as "tester". Now I get the right behavior: $ psql postgres tester postgres=>

Re: Add default role 'pg_access_server_files'

2018-01-06 Thread Ryan Murphy
Oops! I made a mistake, which clearly showed up in my last email: I forgot to psql back in as "tester". Now I get the right behavior: $ psql postgres tester psql (9.4.5, server 11devel) Type "help" for help. postgres=> select pg_read_file('/Users/postgres/temp'); ERROR: absolute path not

Re: Add default role 'pg_access_server_files'

2018-01-06 Thread Ryan Murphy
Hi Stephen, I have another question then based on what you said earlier today, and some testing I did using your patch. TLDR: I created a role "tester" and was (as expected) not able to perform pg_read_file() on files outside the data directory. But then I granted EXECUTE on that function for

Re: Add default role 'pg_access_server_files'

2018-01-06 Thread Stephen Frost
Greetings Ryan! * Ryan Murphy (ryanfmur...@gmail.com) wrote: > Stephen, so far I've read thru your patch and familiarized myself with some > of the auth functionality in pg_authid.h and src/backend/utils/adt/acl.c > > The only question I have so far about your patch is the last several hunks of

Re: Add default role 'pg_access_server_files'

2018-01-06 Thread Ryan Murphy
Stephen, so far I've read thru your patch and familiarized myself with some of the auth functionality in pg_authid.h and src/backend/utils/adt/acl.c The only question I have so far about your patch is the last several hunks of the diff, which remove superuser checks without adding anything

Re: Add default role 'pg_access_server_files'

2018-01-02 Thread Magnus Hagander
On Tue, Jan 2, 2018 at 1:08 PM, Stephen Frost wrote: > Magnus, > > * Magnus Hagander (mag...@hagander.net) wrote: > > On Sun, Dec 31, 2017 at 8:19 PM, Stephen Frost > wrote: > > > This patch adds a new default role called 'pg_access_server_files' > which

Re: Add default role 'pg_access_server_files'

2018-01-02 Thread Stephen Frost
Magnus, * Magnus Hagander (mag...@hagander.net) wrote: > On Sun, Dec 31, 2017 at 8:19 PM, Stephen Frost wrote: > > This patch adds a new default role called 'pg_access_server_files' which > > allows an administrator to GRANT to a non-superuser role the ability to > > access

Re: Add default role 'pg_access_server_files'

2018-01-02 Thread Magnus Hagander
On Sun, Dec 31, 2017 at 8:19 PM, Stephen Frost wrote: > Greetings, > > This patch adds a new default role called 'pg_access_server_files' which > allows an administrator to GRANT to a non-superuser role the ability to > access server-side files through PostgreSQL (as the user