Home > mailing lists

Re: Privilege escalation via LOAD - Mailing list pgsql-bugs

From	Tom Lane
Subject	Re: Privilege escalation via LOAD
Date	January 24, 2005 19:05:42
Msg-id	21745.1106582720@sss.pgh.pa.us Whole thread Raw
In response to	Privilege escalation via LOAD (John Heasman <john@ngssoftware.com>)
Responses	Re: Privilege escalation via LOAD (Peter Eisentraut <peter_e@gmx.net>)
List	pgsql-bugs

Tree view

John Heasman <john@ngssoftware.com> writes:
> It appears that low privileged users can invoke the LOAD extension to load
> arbitrary libraries into the postgres process space.

Hmm.  Creating C functions is restricted to superusers, but I guess no
one ever noticed that LOAD isn't.  On a platform where that can execute
initialization functions this does seem like a security issue.

            regards, tom lane

pgsql-bugs by date:

From: Jeff Ross
Date: 24 January 2005, 19:03:32
Subject: Re: 8.0.0 gmake check fails if on disk, passes on ram disk....

From: Tom Lane
Date: 24 January 2005, 19:17:08
Subject: Re: 8.0.0 gmake check fails if on disk, passes on ram disk....

Re: Privilege escalation via LOAD - Mailing list pgsql-bugs

Previous

Next