Thread: Re: [HACKERS] [PATCH] Re: Setuid functions

Re: [HACKERS] [PATCH] Re: Setuid functions

From
Bruce Momjian
Date:
Done.

> Might as well just get rid of that one; Peter's right about the security hole.
>
> The simplest fix I see is to allow SET AUTHORIZATION only in superuser-owned
> functions. It would still be potentially useful that way. Doing this the
> "right" way (with users needing regrantable privileges, etc.) would involve
> too much effort for too little reward, IMHO.
>
> Mark
>
> Bruce Momjian wrote:
> >
> > I am backing out this SET AUTHORIZATION patch until we can resolve the
> > security issues.  It will remain in the patch queue at:
> >
> >         http://candle.pha.pa.us/cgi-bin/pgpatches
> >
>

--
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 853-3000
  +  If your life is a hard drive,     |  830 Blythe Avenue
  +  Christ can be your backup.        |  Drexel Hill, Pennsylvania 19026