Re: Directory/File Access Permissions for COPY and Generic File Access Functions - Mailing list pgsql-hackers

From Tom Lane
Subject Re: Directory/File Access Permissions for COPY and Generic File Access Functions
Date
Msg-id 25457.1414598940@sss.pgh.pa.us
In response to Re: Directory/File Access Permissions for COPY and Generic File Access Functions  (Stephen Frost <sfrost@snowman.net>)
Responses Re: Directory/File Access Permissions for COPY and Generic File Access Functions
Re: Directory/File Access Permissions for COPY and Generic File Access Functions
List pgsql-hackers
Stephen Frost <sfrost@snowman.net> writes:
> * Robert Haas (robertmhaas@gmail.com) wrote:
>> I think the question is "just how innumerable are those attack
>> routes"?  So, we can prevent a symlink from being used via O_NOFOLLOW.
>> But what about hard links?

> You can't hard link to files you don't own.

That restriction exists on only some platforms.  Current OS X for instance
seems perfectly willing to allow it (suggesting that most BSDen probably
do likewise), and I see no language supporting your claim in the POSIX
spec for link(2).

This points up the fact that platform-specific security holes are likely
to be a huge part of the problem.  I won't even speculate about our odds
of building something that's secure on Windows.
        regards, tom lane
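
An added example, not part of the original message and not PostgreSQL code: on a POSIX system, O_NOFOLLOW refuses a symlink in the final path component but does nothing about hard links, so a check for that case has to look at the link count of the file actually opened. The helper name `open_single_link_file`, the `demo` function and the scratch paths under /tmp are assumptions made for this illustration.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L   /* O_NOFOLLOW, mkdtemp, symlink */
#endif
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper (an assumption, not PostgreSQL code): open path
 * read-only, refusing symlinks, non-regular files and any file that has
 * more than one hard link. Returns an fd, or -1 with errno set. */
int open_single_link_file(const char *path)
{
    struct stat st;
    /* Fails if the final component is a symlink (ELOOP on Linux). */
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_NONBLOCK);
    if (fd < 0)
        return -1;
    /* fstat the fd, not the path, so the check applies to the opened file. */
    if (fstat(fd, &st) != 0) { int e = errno; close(fd); errno = e; return -1; }
    if (!S_ISREG(st.st_mode)) { close(fd); errno = EINVAL; return -1; }
    if (st.st_nlink != 1)     { close(fd); errno = EMLINK; return -1; }
    return fd;
}

/* Constructed demo: scratch file plus a hard link and a symlink to it.
 * Bit 0: plain file accepted; bit 1: hard-linked name rejected with
 * EMLINK; bit 2: symlink rejected. Returns -1 if setup fails. */
int demo(void)
{
    char dir[] = "/tmp/nlinkdemoXXXXXX", f[64], h[64], s[64];
    int fd, r = 0;
    if (!mkdtemp(dir)) return -1;
    snprintf(f, sizeof f, "%s/data", dir);
    snprintf(h, sizeof h, "%s/hard", dir);
    snprintf(s, sizeof s, "%s/sym", dir);
    if ((fd = open(f, O_WRONLY | O_CREAT | O_EXCL, 0600)) < 0) return -1;
    close(fd);
    if ((fd = open_single_link_file(f)) >= 0) { r |= 1; close(fd); }
    if (link(f, h) != 0 || symlink(f, s) != 0) return -1;
    if (open_single_link_file(h) < 0 && errno == EMLINK) r |= 2;
    if (open_single_link_file(s) < 0) r |= 4;
    unlink(s); unlink(h); unlink(f); rmdir(dir);
    return r;
}

int main(void) { printf("demo() = %d (7 means all three checks held)\n", demo()); return 0; }
```

The link-count test also refuses files that legitimately have several names, so it is a conservative filter rather than a complete answer to the platform differences raised in the message.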


