Summary:
Add a new tserver flag --ysql_block_dangerous_roles to prevent roles
from becoming members of the following system roles:
- pg_read_all_data
- pg_write_all_data
- pg_read_server_files
- pg_write_server_files
- pg_execute_server_program
In an environment that does not allow superusers and uses yb_db_admin
(such as multitenancy or YBM), having the abilities of the above system
roles can potentially escalate privileges.
Since it is not problematic to have the above system roles become
members of other roles, leave that unblocked. Also, permit REVOKE of
these dangerous roles from user roles.
Jira: DB-14566
Test Plan:
On AlmaLinux 8:
./yb_build.sh fastdebug --gcc11 \
--gtest_filter PgLibPqTest.BlockDangerousRoles
Close: #25348
Reviewers: smishra, telgersma
Reviewed By: telgersma
Subscribers: ybase, yql
Differential Revision: https://phorge.dev.yugabyte.com/D40693