diff options
Diffstat (limited to 'src/test/modules')
| -rw-r--r-- | src/test/modules/unsafe_tests/Makefile | 5 | ||||
| -rw-r--r-- | src/test/modules/unsafe_tests/expected/setconfig.out | 31 | ||||
| -rw-r--r-- | src/test/modules/unsafe_tests/sql/setconfig.sql | 24 |
3 files changed, 59 insertions, 1 deletions
diff --git a/src/test/modules/unsafe_tests/Makefile b/src/test/modules/unsafe_tests/Makefile index 69d12984382..f12e6ecbf2e 100644 --- a/src/test/modules/unsafe_tests/Makefile +++ b/src/test/modules/unsafe_tests/Makefile @@ -1,6 +1,9 @@ # src/test/modules/unsafe_tests/Makefile -REGRESS = rolenames +REGRESS = rolenames setconfig +REGRESS_OPTS = \ + --create-role=regress_authenticated_user_sr \ + --create-role=regress_authenticated_user_ssa # the whole point of these tests is to not run installcheck NO_INSTALLCHECK = 1 diff --git a/src/test/modules/unsafe_tests/expected/setconfig.out b/src/test/modules/unsafe_tests/expected/setconfig.out new file mode 100644 index 00000000000..6a021d9ad03 --- /dev/null +++ b/src/test/modules/unsafe_tests/expected/setconfig.out @@ -0,0 +1,31 @@ +-- This is borderline unsafe in that an additional login-capable user exists +-- during the test run. Under installcheck, a too-permissive pg_hba.conf +-- might allow unwanted logins as regress_authenticated_user_ssa. +ALTER USER regress_authenticated_user_ssa superuser; +CREATE ROLE regress_session_user; +CREATE ROLE regress_current_user; +GRANT regress_current_user TO regress_authenticated_user_sr; +GRANT regress_session_user TO regress_authenticated_user_ssa; +ALTER ROLE regress_authenticated_user_ssa + SET session_authorization = regress_session_user; +ALTER ROLE regress_authenticated_user_sr SET ROLE = regress_current_user; +\c - regress_authenticated_user_sr +SELECT current_user, session_user; + current_user | session_user +----------------------+------------------------------- + regress_current_user | regress_authenticated_user_sr +(1 row) + +-- The longstanding historical behavior is that session_authorization in +-- setconfig has no effect. Hence, session_user remains +-- regress_authenticated_user_ssa. See comment in InitializeSessionUserId(). +\c - regress_authenticated_user_ssa +SELECT current_user, session_user; + current_user | session_user +--------------------------------+-------------------------------- + regress_authenticated_user_ssa | regress_authenticated_user_ssa +(1 row) + +RESET SESSION AUTHORIZATION; +DROP USER regress_session_user; +DROP USER regress_current_user; diff --git a/src/test/modules/unsafe_tests/sql/setconfig.sql b/src/test/modules/unsafe_tests/sql/setconfig.sql new file mode 100644 index 00000000000..8817a7c7636 --- /dev/null +++ b/src/test/modules/unsafe_tests/sql/setconfig.sql @@ -0,0 +1,24 @@ +-- This is borderline unsafe in that an additional login-capable user exists +-- during the test run. Under installcheck, a too-permissive pg_hba.conf +-- might allow unwanted logins as regress_authenticated_user_ssa. + +ALTER USER regress_authenticated_user_ssa superuser; +CREATE ROLE regress_session_user; +CREATE ROLE regress_current_user; +GRANT regress_current_user TO regress_authenticated_user_sr; +GRANT regress_session_user TO regress_authenticated_user_ssa; +ALTER ROLE regress_authenticated_user_ssa + SET session_authorization = regress_session_user; +ALTER ROLE regress_authenticated_user_sr SET ROLE = regress_current_user; + +\c - regress_authenticated_user_sr +SELECT current_user, session_user; + +-- The longstanding historical behavior is that session_authorization in +-- setconfig has no effect. Hence, session_user remains +-- regress_authenticated_user_ssa. See comment in InitializeSessionUserId(). +\c - regress_authenticated_user_ssa +SELECT current_user, session_user; +RESET SESSION AUTHORIZATION; +DROP USER regress_session_user; +DROP USER regress_current_user; |