Home > mailing lists

Re: Potential vuln in example for "F.25.1.1. digest()" - Mailing list pgsql-docs

From	Tom Lane
Subject	Re: Potential vuln in example for "F.25.1.1. digest()"
Date	August 17, 2021 21:33:17
Msg-id	1368591.1629225197@sss.pgh.pa.us Whole thread Raw
In response to	Re: Potential vuln in example for "F.25.1.1. digest()" ("David G. Johnston" <david.g.johnston@gmail.com>)
List	pgsql-docs

Tree view

"David G. Johnston" <david.g.johnston@gmail.com> writes:
> On Tuesday, August 17, 2021, PG Doc comments form <noreply@postgresql.org>
> wrote:
>> in "F.25.1.1. digest()" you suggest:
>>
>> CREATE OR REPLACE FUNCTION sha1(bytea) returns text AS $$
>> SELECT encode(digest($1, 'sha1'), 'hex')
>> $$ LANGUAGE SQL STRICT IMMUTABLE;
>>
>> While this is a great example, it may expose a database app to
>> vulnerabilities if the attacker succeeds in overriding the function
>> sha1(...) in the app's user context (schema)

> You should read this:
> https://wiki.postgresql.org/wiki/A_Guide_to_CVE-2018-1058%3A_Protect_Your_Search_Path

Yeah.  I can't get terribly excited about trying to make this one
example unconditionally-secure; there are dozens if not hundreds
of similar cases in our docs.  Trying to make them all safe
against insecure search paths would mostly result in unreadable
examples.

            regards, tom lane

pgsql-docs by date:

From: "David G. Johnston"
Date: 17 August 2021, 21:06:34
Subject: Re: Potential vuln in example for "F.25.1.1. digest()"

From: PG Doc comments form
Date: 18 August 2021, 01:32:42
Subject: Unclear\mistakable description of UPDATE behaviour in "13.2.1. Read Committed Isolation Level"

Re: Potential vuln in example for "F.25.1.1. digest()" - Mailing list pgsql-docs

Previous

Next