Home > mailing lists

Re: Fixing insecure security definer functions - Mailing list pgsql-hackers

From	Zeugswetter Andreas ADI SD
Subject	Re: Fixing insecure security definer functions
Date	February 14, 2007 08:21:46
Msg-id	E1539E0ED7043848906A8FF995BDA57901C137E4@m0143.s-mxs.net Whole thread Raw
In response to	Fixing insecure security definer functions (Peter Eisentraut <peter_e@gmx.net>)
Responses	Re: Fixing insecure security definer functions Re: Fixing insecure security definer functions
List	pgsql-hackers

Tree view

> Regarding the advisory on possibly insecure security definer functions

> that I just sent out (by overriding the search path you can make the
> function do whatever you want with the privileges of the function
> owner), the favored solution after some initial discussion in the core

> team was to save the search path at creation time with each function.

Have you considered hardcoding the schema for each object where it was
found at creation time ? This seems more intuitive to me. Also using a
search
path, leaves the possibility to inject an object into a previous schema.

Andreas

pgsql-hackers by date:

From: Hannu Krosing
Date: 14 February 2007, 08:13:34
Subject: Re: HOT for PostgreSQL 8.3

From: "Pavan Deolasee"
Date: 14 February 2007, 09:04:59
Subject: HOT WIP Patch - version 1

Re: Fixing insecure security definer functions - Mailing list pgsql-hackers

Previous

Next