Apache が提供する情報を制限する ServerTokens ��

サーバの防衛の基本として、「攻撃者に多くの情報を提供しない」というものがあります。

����に当てはめれば『独り暮らし』『����の午前中は留守が多い』『セコムしてません』などの情報は 極力知られない方が良い、というのと同じですね。

����� Web サーバ Apache の情報制限です。

CentOS などでは、 Apache をインストールすると デフォルトでは ServerTokens ディレクティブは次のように "OS" が設定されています。 （設定ファイルは /etc/httpd/conf/httpd.conf です）

ServerTokens OS

この場合、Webサーバにアクセスすると次のような値が戻ります。

HTTP/1.1 403 Forbidden
Date: Tue, 02 Feb 2010 05:36:28 GMT
Server: Apache/2.2.3 (CentOS)
Accept-Ranges: bytes
Content-Length: 5043
Connection: close
Content-Type: text/html; charset=UTF-8

Server: ������� "Apache/2.2.3 (CentOS)" のように バージョン番号から OS まで 出力してしまっています。

これでは、���� 2.2.3 に重大なセキュリティホールがあった場合、狙ってくださいと 言ってるようなものですよね。

というわけで、これを表示させないように変更します。

ServerTokens ProductOnly

このように設定すると、表示は "Apache" だけになります。

HTTP/1.1 403 Forbidden
Date: Tue, 02 Feb 2010 05:38:45 GMT
Server: Apache
Accept-Ranges: bytes
Content-Length: 5043
Connection: close
Content-Type: text/html; charset=UTF-8

ServerTokens ディレクティブの デフォルト値は "Full" で、 これ以上は隠せないようです。 なお、バージョン表示を隠しても脆弱性そのものが無くなるわけではないので、Apache 自体のアップデートは別途必要です。

ちなみにこの設定は ServerSignature の表示内容にも影響します。 ServerSignature については、また���。

PostgreSQL のセッションの情報を取り出す関数

PostgreSQL には SQL でセッションの情報を取得する関数が 色々と定義されています。 簡単に紹介していきたいと思います。

version()

接続した PostgreSQL サーバのバージョンの文字列を返します。

db1=# SELECT version();
                                                version            
-------------------------------------------------------------------
 PostgreSQL 8.3.5 on i386-redhat-linux-gnu, compiled by GCC gcc (GC
(1 row)

current_database()

接続した データベースの名前を返します。

$ psql db1 postgres

db1=# SELECT current_database();
 current_database
------------------
 db1
(1 row)

current_schema()

現在のスキーマ名を返します。

接続した直後は、postgresql.conf の search_path パラメータの 定義に依存した値を返します。 検索パスが空の場合は NULL を返します。

db1=# SELECT current_schema();
 current_schema
----------------
 public
(1 row)

CREATE TABLE などをする際に、スキーマ名を明示的に 定義しない場合、このスキーマ名が設定されます。

検索パスは set で変えることができます。

db1=# set search_path = 'hogehoge';

db1=# SELECT current_schema();
 current_schema
----------------
 hogehoge
(1 row)

db1=# set search_path = 'public','hogehoge';

db1=# SELECT current_schema();
 current_schema
----------------
 public
(1 row)

検索パスにスキーマを複数指定した場合は、先頭のスキーマが 現在のスキーマとなります。

current_schemas(boolean)

検索パス内のスキーマを返します。 boolean に true をセットすると暗黙のスキーマも返します。

db1=# SELECT current_schemas(false);
 current_schemas
-----------------
 {postgres,public}
(1 row)

db1=# SELECT current_schemas(true);
 current_schemas
-----------------
 {pg_catalog,postgres,public}
(1 row)

session_user

データベースに接続したユーザ名を返します。

$ psql db1 postgres

db1=# SELECT session_user;
 session_user
--------------
 postgres
(1 row)

db1=# \q

$ psql db1 hogehoge

db1=# SELECT session_user;
 session_user
--------------
 hogehoge
(1 row)

current_user, user

current_user と user は同じです。

current_user は、現在実行しているユーザ名を返します。 通常は session_user と同じですが、 SECURITY DEFINER 属性が付いた関数を実行した場合は 返す値が違ってきます。 SECURITY DEFINER 属性は、関数を作成したユーザの権限で 実行するオプションです。

$ psql db1 postgres

db1=# SELECT session_user, current_user;
 session_user | current_user
--------------+--------------
 postgres     | postgres
(1 row)

SECURITY DEFINER 属性を付けた関数 test1() と 付けていない test2() を hogehoge ユーザで作成してみます。

$ psql db1 hogehoge

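db1=# CREATE FUNCTION test1() RETURNS name
AS 'SELECT current_user;'
-- SECURITY DEFINER: the body runs with the privileges of the role that owns
-- the function (hogehoge here) instead of the calling role, so current_user
-- inside it reports the owner.
-- NOTE(review): outside a demo, a SECURITY DEFINER function should also pin
-- its search_path (SET search_path = <trusted_schema>, pg_temp) and have
-- EXECUTE revoked from PUBLIC unless every role is meant to call it.
SECURITY DEFINER
LANGUAGE SQL
;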
CREATE FUNCTION

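db1=# CREATE FUNCTION test2() RETURNS name
AS 'SELECT current_user;'
-- No SECURITY DEFINER clause: the function runs as the calling role
-- (the SECURITY INVOKER default), so current_user is the caller.
LANGUAGE SQL
;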
CREATE FUNCTION

これを postgres ユーザで実行します。

$ psql db1 postgres

db1=# select test1();
 test1
-----------
 hogehoge
(1 row)

db1=# select test2();
 test2
-----------
 postgres
(1 row)

異なる値を返しました。 このように実際に実行している権限を確認する場合は current_user を使用します。

また、session_user も含め、ユーザ系は特殊で、���� () を付けずに 呼び出す必要があるので注意しましょう。
