Re: Disallow execution of shell commands from psql - Mailing list pgsql-general

From hubert depesz lubaczewski
Subject Re: Disallow execution of shell commands from psql
Date
Msg-id Y76xa0OKm7y5xZ0w@depesz.com
Whole thread Raw
In response to Disallow execution of shell commands from psql  (Wiwwo Staff <wiwwo@wiwwo.com>)
List pgsql-general
On Tue, Jan 10, 2023 at 07:01:24PM +0100, Wiwwo Staff wrote:
> Hi!
> Happy new (gregorian calendar) year!
> 
> Somehow related to the proposal of having a `psql --idle` option, is there
> a way to disallow the command `\!` (and anything of the likes in psql?
> 
> Sure, I can set the SHELL env var at run-time, but I still want to have
> postgres user to be a normal user, with its shell etc, which means it can
> change this SHELL setting somewhere.

As far as I know, it's not possible. Why is that a problem though?

\! will run command as the user that ran psql. So it's not a security
issue. What's the problem then?

Best regards,

depesz




pgsql-general by date:

Previous
From: Adrien Nayrat
Date:
Subject: Re: PITR and instance without any activity
Next
From: Fred Habash
Date:
Subject: Autovacuum Hung Due to Bufferpin