Re: Dumping an Extension's Script - Mailing list pgsql-hackers

From Tom Lane
Subject Re: Dumping an Extension's Script
Date
Msg-id 12952.1354742441@sss.pgh.pa.us
Whole thread Raw
In response to Re: Dumping an Extension's Script  (Dimitri Fontaine <dimitri@2ndQuadrant.fr>)
Responses Re: Dumping an Extension's Script
List pgsql-hackers
Dimitri Fontaine <dimitri@2ndQuadrant.fr> writes:
>> On 2012-12-05 13:18:16 -0500, Tom Lane wrote:
>>> I think you're wasting your time to imagine that that case will ever be
>>> "fixed".  Allowing the server to scribble on executable files would set
>>> off all kinds of security alarm bells, and rightly so.  If Postgres ever
>>> did ship with such a thing, I rather imagine that I'd be required to
>>> patch it out of Red Hat releases (not that SELinux wouldn't prevent
>>> it from happening anyway).

> That part I did understand. I still can't be happy about it, but I won't
> get back with any proposal where that's put into questions. That said,
> while you're talking about it, what if it's an opt-in GUC?

GUC or no GUC, it'd still be letting an unprivileged network-exposed
application (PG) do something that's against any sane system-level
security policy.  Lipstick is not gonna help this pig.
        regards, tom lane



pgsql-hackers by date:

Previous
From: Tom Lane
Date:
Subject: Re: Dumping an Extension's Script
Next
From: Stefan Kaltenbrunner
Date:
Subject: strange isolation test buildfarm failure on guaibasaurus