Re: Addressing SECURITY DEFINER Function Vulnerabilities in PostgreSQL Extensions - Mailing list pgsql-hackers

From Robert Haas
Subject Re: Addressing SECURITY DEFINER Function Vulnerabilities in PostgreSQL Extensions
Date
Msg-id CA+TgmobOa_Fvf1_W=9d3qz9z8+RNBwSQHex10Vu7Cj-xqEKYSg@mail.gmail.com
In response to Re: Addressing SECURITY DEFINER Function Vulnerabilities in PostgreSQL Extensions  (Ashutosh Sharma <ashu.coek88@gmail.com>)
Responses Re: Addressing SECURITY DEFINER Function Vulnerabilities in PostgreSQL Extensions
List pgsql-hackers
On Tue, Jul 16, 2024 at 1:55 AM Ashutosh Sharma <ashu.coek88@gmail.com> wrote:
> Just to confirm, are you suggesting to remove the protected flag and
> set the default search_path (as $extension_schema,) for all functions
> within an extension where no explicit search_path is set?

No, I'm not saying that. In fact I'm not sure we should have the
protected flag at all.

> In addition
> to that, also allow users to explicitly set $extension_schema as the
> search_path and bypass resolution of $extension_schema for objects
> outside the extension?

Yes, I'm saying that.

--
Robert Haas
EDB: http://www.enterprisedb.com
