Home > mailing lists

Re: pg_settings.sourcefile patch is a security breach - Mailing list pgsql-hackers

From	Magnus Hagander
Subject	Re: pg_settings.sourcefile patch is a security breach
Date	September 21, 2008 18:38:52
Msg-id	48D694B4.3010504@hagander.net Whole thread Raw
In response to	pg_settings.sourcefile patch is a security breach (Tom Lane <tgl@sss.pgh.pa.us>)
Responses	Re: pg_settings.sourcefile patch is a security breach (Magnus Hagander <magnus@hagander.net>)
List	pgsql-hackers

Tree view

Tom Lane wrote:
> We go to some lengths to prevent non-superusers from examining
> data_directory and other values that would tell them exactly where the
> PG data directory is in the server's filesystem.  The recently applied
> patch to expose full pathnames of GUC variables' source files blows a
> hole a mile wide in that.
> 
> Possible answers: don't show the path, only the file name; or
> show sourcefile/sourceline as NULL to non-superusers.

My vote goes for showing it as NULL to non-superusers. If we remove the
path, that makes it pretty darn useless for admin tools - which was the
main reason it was added in the first place..

And "showing full path for superuser, just filename for non-superusers"
just seems to be way too ugly to consider :-)

//Magnus

pgsql-hackers by date:

From: Tom Lane
Date: 21 September 2008, 18:25:13
Subject: pg_settings.sourcefile patch is a security breach

From: "Dmitry Koterov"
Date: 21 September 2008, 18:50:02
Subject: Re: Foreign key constraint for array-field?

Re: pg_settings.sourcefile patch is a security breach - Mailing list pgsql-hackers

Previous

Next