Home > mailing lists

Re: Wrong security context for deferred triggers? - Mailing list pgsql-hackers

From	Tomas Vondra
Subject	Re: Wrong security context for deferred triggers?
Date	November 6, 2023 20:29:39
Msg-id	dede297a-3d24-7029-dfd9-06aeef8b9766@enterprisedb.com Whole thread Raw
In response to	Wrong security context for deferred triggers? (Laurenz Albe <laurenz.albe@cybertec.at>)
Responses	Re: Wrong security context for deferred triggers? Re: Wrong security context for deferred triggers?
List	pgsql-hackers

Tree view

On 11/6/23 14:23, Laurenz Albe wrote:
> ...
> 
> This behavior looks buggy to me.  What do you think?
> I cannot imagine that it is a security problem, though.
> 

How could code getting executed under the wrong role not be a security
issue? Also, does this affect just the role, or are there some other
settings that may unexpectedly change (e.g. search_path)?

regards

-- 
Tomas Vondra
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company

pgsql-hackers by date:

From: Isaac Morland
Date: 06 November 2023, 20:28:52
Subject: Re: Wrong security context for deferred triggers?

From: Stephen Frost
Date: 06 November 2023, 21:02:50
Subject: Re: Add the ability to limit the amount of memory that can be allocated to backends.

Re: Wrong security context for deferred triggers? - Mailing list pgsql-hackers

Previous

Next