Thread: Disallow execution of shell commands from psql
Hi!
Happy new (gregorian calendar) year!
Somehow related to the proposal of having a `psql --idle` option, is there a way to disallow the command `\!` (and anything of the likes in psql?
Sure, I can set the SHELL env var at run-time, but I still want to have postgres user to be a normal user, with its shell etc, which means it can change this SHELL setting somewhere.
Any tip?
Happy new (gregorian calendar) year!
Somehow related to the proposal of having a `psql --idle` option, is there a way to disallow the command `\!` (and anything of the likes in psql?
Sure, I can set the SHELL env var at run-time, but I still want to have postgres user to be a normal user, with its shell etc, which means it can change this SHELL setting somewhere.
Any tip?
On Tue, Jan 10, 2023 at 07:01:24PM +0100, Wiwwo Staff wrote: > Hi! > Happy new (gregorian calendar) year! > > Somehow related to the proposal of having a `psql --idle` option, is there > a way to disallow the command `\!` (and anything of the likes in psql? > > Sure, I can set the SHELL env var at run-time, but I still want to have > postgres user to be a normal user, with its shell etc, which means it can > change this SHELL setting somewhere. As far as I know, it's not possible. Why is that a problem though? \! will run command as the user that ran psql. So it's not a security issue. What's the problem then? Best regards, depesz