On Wed, Jul 11, 2018 at 03:46:56PM +0300, Vladimir Davydov wrote:
On Tue, Jul 10, 2018 at 09:49:14AM +0300, Kirill Shcherbatov wrote:
@@ -318,7 +320,19 @@ module_reload(const char *package, const char
*package_end, struct module **modu
struct func *func, *tmp_func;
rlist_foreach_entry_safe(func, &old_module->funcs, item, tmp_func) {
struct func_name name;
- func_split_name(func->def->name, &name);
+ const char *func_name = func->def->name;
+ func_split_name(func_name, &name);
+
+ /*
+ * Allow to reload only functions that belongs to
+ * current user. Skip other.
+ */
+ struct func *dummy;
+ if (check_access &&
+ box_func_check_access(func_name, strlen(func_name),
+ &dummy) != 0)
+ continue;
+
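Review bot: the `continue` taken when box_func_check_access() returns non-zero silently skips that function in the rlist_foreach_entry_safe() loop, so a reload can complete for only part of old_module->funcs and the caller gets no indication of which functions were left out. Either fail the whole reload on the first denied function or report the skipped names, so that a partially reloaded module is not mistaken for a successful one. The comment also says the functions "belongs to current user", while the code performs an access check rather than an ownership test; reword it to match (and fix "belongs" to "belong"). `dummy` exists only to fill the out-parameter; if box_func_check_access() is kept here, a short note saying the result is intentionally unused would help the next reader.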
AFAIU a user may reload a whole module only if he has the global EXECUTE
privilege (because we don't have such an entity as module in our data
dictionary to grant access rights for). access_check_func(), which is
called by func_reload(), already checks the global EXECUTE privilege and
returns 0 (success) if it is set, no matter if the function was found or
not. So all you have to do is call module_reload() from func_reload() if
access_check_func() returned func = NULL, no?