Home > mailing lists

Re: logfile subprocess and Fancy File Functions - Mailing list pgsql-patches

From	Andrew Dunstan
Subject	Re: logfile subprocess and Fancy File Functions
Date	July 24, 2004 16:53:06
Msg-id	410293CD.5040802@dunslane.net Whole thread Raw
In response to	Re: logfile subprocess and Fancy File Functions (Bruce Momjian <pgman@candle.pha.pa.us>)
Responses	Re: logfile subprocess and Fancy File Functions
List	pgsql-patches

Tree view

Bruce Momjian wrote:

>As a super-user, could an attacker load a server-side language and
>access the backend environment variable PGDATA.
>
>

plperl won't do it, but plperlu will (as expected I guess). But the
superuser will have to jump through some explicit hoops in order to get
there, which is different from providing such facilities out of the box.

cheers

andrew

pgsql-patches by date:

From: Tom Lane
Date: 24 July 2004, 16:42:54
Subject: Re: logfile subprocess and Fancy File Functions

From: Bruce Momjian
Date: 24 July 2004, 16:55:29
Subject: Re: logfile subprocess and Fancy File Functions

Re: logfile subprocess and Fancy File Functions - Mailing list pgsql-patches

Previous

Next