Re: LISTEN/NOTIFY Security and the docs - Mailing list pgsql-hackers

From Magnus Hagander
Subject Re: LISTEN/NOTIFY Security and the docs
Date
Msg-id CABUevEyAiRR0HhKseVemksTn_5PZLf860hYXhYYpphwJK8pzJg@mail.gmail.com
Whole thread Raw
In response to LISTEN/NOTIFY Security and the docs  (Chander Ganesan <chander@otg-nc.com>)
Responses Re: LISTEN/NOTIFY Security and the docs
List pgsql-hackers
On Fri, May 18, 2012 at 5:08 PM, Chander Ganesan <chander@otg-nc.com> wrote:
> Hi All,
>
> I just realized that anyone can listen for notifications (using listen) so
> long as they know the "channel" name.  This means that a user could receive
> and view the payload for another user.
>
> Perhaps it would be good to note this in the documentation (i.e., there
> should be no expectation of privacy/security when using listen/notify, so
> any user that can connect to a database could issue and receive
> notifications for any channel.)

Might be worth a note, yes. The lack of a note really should tell you
that it's a broadcast, but it wouldn't hurt to have an extra one.

Want to prepare a patch?

--
 Magnus Hagander
 Me: http://www.hagander.net/
 Work: http://www.redpill-linpro.com/


pgsql-hackers by date:

Previous
From: Magnus Hagander
Date:
Subject: pg_stat_statments queryid
Next
From: Florian Pflug
Date:
Subject: Re: [RFC] Interface of Row Level Security