Home > mailing lists

Re: Addressing SECURITY DEFINER Function Vulnerabilities in PostgreSQL Extensions - Mailing list pgsql-hackers

From	Alexander Kukushkin
Subject	Re: Addressing SECURITY DEFINER Function Vulnerabilities in PostgreSQL Extensions
Date	June 12 10:11:03
Msg-id	CAFh8B=nO17YLMLRkVj_Q+CjPEgvq442kHAV+xoOce25fumZDQQ@mail.gmail.com Whole thread Raw
In response to	Re: Addressing SECURITY DEFINER Function Vulnerabilities in PostgreSQL Extensions (Ashutosh Sharma <ashu.coek88@gmail.com>)
Responses	Re: Addressing SECURITY DEFINER Function Vulnerabilities in PostgreSQL Extensions
List	pgsql-hackers

Tree view

Hi Ashutosh,

Apologies for any confusion, but I'm not entirely following your
explanation. Could you kindly provide further clarification?
Additionally, would you mind reviewing the problem description
outlined in the initial email?

I know about the problem and have seen the original email.

What confused me, is that your email didn't specify that SET SEARCH_PATH in the CREATE EXTENSION is a boolean flag, hence I made an assumption that it is a TEXT (similar to GUC with the same name). Now after looking at your code it makes more sense. Sorry about the confusion.

But, I also agree with Jelte, it should be a property of a control file, rather than a user controlled parameter, so that an attacker can't opt out.

Regards,

Alexander Kukushkin

pgsql-hackers by date:

From: Ashutosh Bapat
Date: 12 June, 09:43:56
Subject: Re: Addressing SECURITY DEFINER Function Vulnerabilities in PostgreSQL Extensions

From: Jelte Fennema-Nio
Date: 12 June, 11:02:17
Subject: Re: Partial aggregates pushdown

Re: Addressing SECURITY DEFINER Function Vulnerabilities in PostgreSQL Extensions - Mailing list pgsql-hackers

Previous

Next