diff options
| author | Noah Misch <noah@leadboat.com> | 2017-05-08 07:24:24 -0700 |
|---|---|---|
| committer | Noah Misch <noah@leadboat.com> | 2017-05-08 07:24:24 -0700 |
| commit | 3eefc51053f250837c3115c12f8119d16881a2d7 (patch) | |
| tree | c626dd3c72e3c47364a9b2e615030ddb1b89b4b8 /doc/src | |
| parent | 0170b10dff04e0f50f5522c377a4d10d4424155c (diff) | |
Match pg_user_mappings limits to information_schema.user_mapping_options.
Both views replace the umoptions field with NULL when the user does not
meet qualifications to see it. They used different qualifications, and
pg_user_mappings documented qualifications did not match its implemented
qualifications. Make its documentation and implementation match those
of user_mapping_options. One might argue for stronger qualifications,
but these have long, documented tenure. pg_user_mappings has always
exhibited this problem, so back-patch to 9.2 (all supported versions).
Michael Paquier and Feike Steenbergen. Reviewed by Jeff Janes.
Reported by Andrew Wheelwright.
Security: CVE-2017-7486
Diffstat (limited to 'doc/src')
| -rw-r--r-- | doc/src/sgml/catalogs.sgml | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/doc/src/sgml/catalogs.sgml b/doc/src/sgml/catalogs.sgml index 787fcbd51ac..aa5e705e574 100644 --- a/doc/src/sgml/catalogs.sgml +++ b/doc/src/sgml/catalogs.sgml @@ -11084,8 +11084,11 @@ SELECT * FROM pg_locks pl LEFT JOIN pg_prepared_xacts ppx <entry></entry> <entry> User mapping specific options, as <quote>keyword=value</> - strings, if the current user is the owner of the foreign - server, else null + strings. This column will show as null unless the current user + is the user being mapped, or the mapping is for + <literal>PUBLIC</literal> and the current user is the server + owner, or the current user is a superuser. The intent is + to protect password information stored as user mapping option. </entry> </row> </tbody> |