diff options
author | antirez <antirez@gmail.com> | 2019-01-29 10:12:22 +0100 |
---|---|---|
committer | antirez <antirez@gmail.com> | 2019-01-29 10:12:22 +0100 |
commit | 4380423d40afa9c12e8018b7d5da4fe0f5ce5c3e (patch) | |
tree | c400c20515d5c559e680f279ee93dc5808993258 | |
parent | acd168a70b647098c4976283963e46cd1e8af158 (diff) | |
download | redis-4380423d40afa9c12e8018b7d5da4fe0f5ce5c3e.tar.gz |
ACL: enforce ACLs in Lua scripts as well.
-rw-r--r-- | src/scripting.c | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/src/scripting.c b/src/scripting.c index f6df38400..cbbf43fb1 100644 --- a/src/scripting.c +++ b/src/scripting.c @@ -460,6 +460,7 @@ int luaRedisGenericCommand(lua_State *lua, int raise_error) { /* Setup our fake client for command execution */ c->argv = argv; c->argc = argc; + c->user = server.lua_caller->user; /* Log the command if debugging is active. */ if (ldb.active && ldb.step) { @@ -497,6 +498,19 @@ int luaRedisGenericCommand(lua_State *lua, int raise_error) { goto cleanup; } + /* Check the ACLs. */ + int acl_retval = ACLCheckCommandPerm(c); + if (acl_retval != ACL_OK) { + if (acl_retval == ACL_DENIED_CMD) + luaPushError(lua, "The user executing the script can't run this " + "command or subcommand"); + else + luaPushError(lua, "The user executing the script can't access " + "at least one of the keys mentioned in the " + "command arguments"); + goto cleanup; + } + /* Write commands are forbidden against read-only slaves, or if a * command marked as non-deterministic was already called in the context * of this script. */ @@ -655,6 +669,8 @@ cleanup: argv_size = 0; } + c->user = NULL; + if (raise_error) { /* If we are here we should have an error in the stack, in the * form of a table with an "err" field. Extract the string to |