From a41e46b26167d819047c8e06b7f0bace6afce198 Mon Sep 17 00:00:00 2001
From: Tom Lane <tgl@sss.pgh.pa.us>
Date: Mon, 27 Aug 2007 01:24:50 +0000
Subject: [PATCH] Require SELECT privilege on a table to do dblink_get_pkey(). 
 This is not all that exciting when the system catalogs are readable by all,
 but some people try to lock them down, and would not like this sort of end
 run ...

---
 contrib/dblink/dblink.c | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/contrib/dblink/dblink.c b/contrib/dblink/dblink.c
index 190c7005d64..295a7797725 100644
--- a/contrib/dblink/dblink.c
+++ b/contrib/dblink/dblink.c
@@ -8,7 +8,7 @@
  * Darko Prenosil <Darko.Prenosil@finteh.hr>
  * Shridhar Daithankar <shridhar_daithankar@persistent.co.in>
  *
- * $PostgreSQL: pgsql/contrib/dblink/dblink.c,v 1.64 2007/07/08 17:12:38 joe Exp $
+ * $PostgreSQL: pgsql/contrib/dblink/dblink.c,v 1.65 2007/08/27 01:24:50 tgl Exp $
  * Copyright (c) 2001-2007, PostgreSQL Global Development Group
  * ALL RIGHTS RESERVED;
  *
@@ -51,6 +51,7 @@
 #include "nodes/pg_list.h"
 #include "parser/parse_type.h"
 #include "tcop/tcopprot.h"
+#include "utils/acl.h"
 #include "utils/array.h"
 #include "utils/builtins.h"
 #include "utils/dynahash.h"
@@ -1686,9 +1687,17 @@ get_pkey_attnames(Oid relid, int16 *numatts)
 	char	  **result = NULL;
 	Relation	rel;
 	TupleDesc	tupdesc;
+	AclResult	aclresult;
 
-	/* open relation using relid, get tupdesc */
+	/* open relation using relid, check permissions, get tupdesc */
 	rel = relation_open(relid, AccessShareLock);
+
+	aclresult = pg_class_aclcheck(RelationGetRelid(rel), GetUserId(),
+								  ACL_SELECT);
+	if (aclresult != ACLCHECK_OK)
+		aclcheck_error(aclresult, ACL_KIND_CLASS,
+					   RelationGetRelationName(rel));
+
 	tupdesc = rel->rd_att;
 
 	/* initialize numatts to 0 in case no primary key exists */
-- 
GitLab