rdelaage/postgresql
1
0
Fork 0
mirror of https://git.postgresql.org/git/postgresql.git synced 2024-09-04 15:27:21 +02:00
Code Issues Packages Projects Releases Wiki Activity

Force certain "pljava" custom GUCs to be PGC_SUSET.

Browse Source 
Future PL/Java versions will close CVE-2016-0766 by making these GUCs
PGC_SUSET.  This PostgreSQL change independently mitigates that PL/Java
vulnerability, helping sites that update PostgreSQL more frequently than
PL/Java.  Back-patch to 9.1 (all supported versions).
This commit is contained in:
Noah Misch 2016-02-05 20:22:51 -05:00
parent 37e6946329
commit 0089dd34aa
1 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
src/backend/utils/misc/guc.c
View File

@ -7224,6 +7224,17 @@ init_custom_variable(const char *name,
!process_shared_preload_libraries_in_progress)
elog(FATAL, "cannot create PGC_POSTMASTER variables after startup");
/*
* Before pljava commit 398f3b876ed402bdaec8bc804f29e2be95c75139
* (2015-12-15), two of that module's PGC_USERSET variables facilitated
* trivial escalation to superuser privileges. Restrict the variables to
* protect sites that have yet to upgrade pljava.
*/
if (context == PGC_USERSET &&
(strcmp(name, "pljava.classpath") == 0 ||
strcmp(name, "pljava.vmoptions") == 0))
context = PGC_SUSET;
gen = (struct config_generic *) guc_malloc(ERROR, sz);
memset(gen, 0, sz);