Postgres Pro
Downloads
Home   >   mailing lists

Re: Addressing SECURITY DEFINER Function Vulnerabilities in PostgreSQL Extensions - Mailing list pgsql-hackers

From Alexander Kukushkin
Subject Re: Addressing SECURITY DEFINER Function Vulnerabilities in PostgreSQL Extensions
Date
Msg-id CAFh8B==D3Q_Ajnf-Lw5M_mJ7t1=dtQfpk8aZ_qxc4FiuYUzdmA@mail.gmail.com
Whole thread Raw
In response to Re: Addressing SECURITY DEFINER Function Vulnerabilities in PostgreSQL Extensions  (Ashutosh Sharma <ashu.coek88@gmail.com>)
Responses Re: Addressing SECURITY DEFINER Function Vulnerabilities in PostgreSQL Extensions
Re: Addressing SECURITY DEFINER Function Vulnerabilities in PostgreSQL Extensions
List pgsql-hackers
Tree view
Hi,

On Tue, 11 Jun 2024 at 14:50, Ashutosh Sharma <ashu.coek88@gmail.com> wrote:
If the author has configured the search_path for any desired function,
using this option with the CREATE EXTENSION command will not affect
those functions.

Then effectively this feature is useless.
Now attackers can just set search_path for the current session.
With this feature they will also be able to influence search_path of not protected functions when they create an extension.

Regards,
--
Alexander Kukushkin

pgsql-hackers by date:

Previous
From: Ashutosh Sharma
Date:
Subject: Re: Addressing SECURITY DEFINER Function Vulnerabilities in PostgreSQL Extensions
Next
From: Ranier Vilela
Date:
Subject: Re: Improve the granularity of PQsocketPoll's timeout parameter?