Home > mailing lists

Re: [HACKERS] [PATCH] Re: Setuid functions - Mailing list pgsql-patches

From	Mark Volpe
Subject	Re: [HACKERS] [PATCH] Re: Setuid functions
Date	July 13, 2001 16:53:48
Msg-id	3B4DEF3D.AF19D7D1@epa.gov Whole thread Raw
In response to	Re: [HACKERS] [PATCH] Re: Setuid functions (Bruce Momjian <pgman@candle.pha.pa.us>)
List	pgsql-patches

Tree view

Might as well just get rid of that one; Peter's right about the security hole.

The simplest fix I see is to allow SET AUTHORIZATION only in superuser-owned
functions. It would still be potentially useful that way. Doing this the
"right" way (with users needing regrantable privileges, etc.) would involve
too much effort for too little reward, IMHO.

Mark

Bruce Momjian wrote:
>
> I am backing out this SET AUTHORIZATION patch until we can resolve the
> security issues.  It will remain in the patch queue at:
>
>         http://candle.pha.pa.us/cgi-bin/pgpatches
>

pgsql-patches by date:

From: Martijn van Oosterhout
Date: 13 July 2001, 16:53:41
Subject: Patch to add support for partial indices

From: Mark Volpe
Date: 13 July 2001, 17:01:33
Subject: Re: Re: [HACKERS] [PATCH] Re: Setuid functions

Re: [HACKERS] [PATCH] Re: Setuid functions - Mailing list pgsql-patches

Previous

Next