Noah Misch a117cebd63 Make relation-enumerating operations be security-restricted operations. ... When a feature enumerates relations and runs functions associated with all found relations, the feature's user shall not need to trust every user having permission to create objects. BRIN-specific functionality in autovacuum neglected to account for this, as did pg_amcheck and CLUSTER. An attacker having permission to create non-temp objects in at least one schema could execute arbitrary SQL functions under the identity of the bootstrap superuser. CREATE INDEX (not a relation-enumerating operation) and REINDEX protected themselves too late. This change extends to the non-enumerating amcheck interface. Back-patch to v10 (all supported versions). Sergey Shinderuk, reviewed (in earlier versions) by Alexander Lakhin. Reported by Alexander Lakhin. Security: CVE-2022-1552		2022-05-09 08:35:08 -07:00
..
expected	Make relation-enumerating operations be security-restricted operations.	2022-05-09 08:35:08 -07:00
sql	Make relation-enumerating operations be security-restricted operations.	2022-05-09 08:35:08 -07:00
t	Harden TAP tests that intentionally corrupt page checksums.	2022-03-25 14:23:26 -04:00
.gitignore	Add .gitignore to contrib/amcheck.	2017-03-09 22:45:24 -05:00
Makefile	Extend amcheck to check heap pages.	2020-10-22 08:44:18 -04:00
amcheck--1.0--1.1.sql	Add amcheck verification of heap relations belonging to btree indexes.	2018-03-31 19:52:01 -07:00
amcheck--1.0.sql	Add amcheck extension to contrib.	2017-03-09 16:33:02 -08:00
amcheck--1.1--1.2.sql	Allow amcheck to re-find tuples using new search.	2019-03-20 10:41:36 -07:00
amcheck--1.2--1.3.sql	Extend amcheck to check heap pages.	2020-10-22 08:44:18 -04:00
amcheck.control	Extend amcheck to check heap pages.	2020-10-22 08:44:18 -04:00
verify_heapam.c	Simplify SRFs using materialize mode in contrib/ modules	2022-03-08 10:12:22 +09:00
verify_nbtree.c	Make relation-enumerating operations be security-restricted operations.	2022-05-09 08:35:08 -07:00