Re: Application name patch - v2

2009/10/19 Dave Page <dpage(at)pgadmin(dot)org>:
> On Mon, Oct 19, 2009 at 9:23 AM, Pavel Stehule <pavel(dot)stehule(at)gmail(dot)com> wrote:
>> 2009/10/19 Dave Page <dpage(at)pgadmin(dot)org>:
>>> On Mon, Oct 19, 2009 at 8:54 AM, Pavel Stehule <pavel(dot)stehule(at)gmail(dot)com> wrote:
>>>> I dislike write access to app name guc for user too. It's not safe.
>>>> Maybe only super user can do it?
>>>
>>> That'll render it pretty useless, as most applications wouldn't then
>>> be able to set/reset it when it makes sense to do so.
>>
>> But application can do it simply via connection string, no? Mostly
>> applications has connection string in configuration, so I don't see
>> problem there. And if I would to allow access, then I could to wrap
>> setting to security definer function.
>
> It will prevent an application changing the value before running a
> long operation which may warrant special identification. It will also
> prevent applications changing the setting if you're running through a
> pooler.

Then we have to divide this value to two independent values like
application_name and application_state.

>
>> I see this as security hole. It allows special SQL injection.
>
> How so?
>
You change identity. If any application is vulnerable to SQL
injection, then this value is nice goal.

Pavel

>
>
> --
> Dave Page
> EnterpriseDB UK:   http://www.enterprisedb.com
>