box: remove unnecessary rights from peristent functions
After this patch, the persistent functions "box.schema.user.info" and "LUA" will have the same rights as the user who executed them. The problem was that setuid was unnecessarily set. Because of this, these functions had the same rights as the user who created them. However, they must have the same rights as the user who used them. Fixes tarantool/security#1
Showing
- src/box/bootstrap.snap 0 additions, 0 deletionssrc/box/bootstrap.snap
- src/box/lua/upgrade.lua 30 additions, 0 deletionssrc/box/lua/upgrade.lua
- test/box-py/bootstrap.result 2 additions, 2 deletionstest/box-py/bootstrap.result
- test/box/access.result 36 additions, 0 deletionstest/box/access.result
- test/box/access.test.lua 15 additions, 0 deletionstest/box/access.test.lua
Loading
Please register or sign in to comment