Re: dblink connection security - Mailing list pgsql-patches

From Stephen Frost
Subject Re: dblink connection security
Date
Msg-id 20070709044518.GV4887@tamriel.snowman.net
In response to Re: dblink connection security  (Joe Conway <mail@joeconway.com>)
Responses Re: dblink connection security  (Joe Conway <mail@joeconway.com>)
List pgsql-patches
* Joe Conway (mail@joeconway.com) wrote:
> Stephen Frost wrote:
>> I see..  So all the functions in untrusted languages that come with PG
>> initially should be checked over by every sysadmin when installing PG
>> every time...  And the same for PostGIS, and all of the PL's that use
>> untrusted languages?
>
> There are none installed by default -- that's the point.

Uhh...  None what?  Functions in untrusted languages?  That's certainly
not the case, there's a whole slew of them, from boolin to
generate_series and beyond.  They're available to regular users, even!

Or do you mean that there are no known-insecure functions which are
installed and enabled for users to use by default?  I'd have to agree
with you there in general, would kind of like to keep it that way too.

Perhaps you're referring to PLs, but then, I thought trusted PLs were
safe, but they're written using untrusted languages!  Are they safe, or
not?  Safe to use, but not safe to install?

>> On my pretty modest install that's 2,206 functions.  For some reason I
>> see something of a difference between 'generate_series' and 'dblink' in
>> terms of security and which one I'm comfortable having enabled by
>> default and which one I'm not.
>
> generate_series is a built in function. We aren't discussing those.

Uh, it's written in an untrusted language, isn't it?  Us poor sysadmins
are supposed to review all of them before letting users have access to
them, aren't we?  Now I'm just completely confused as to the distinction
you're making here.  Are functions in untrusted languages a problem,
or not?

    Thanks,

        Stephen
