From: | Pavel Stehule <pavel(dot)stehule(at)gmail(dot)com> |
---|---|
To: | Stephen Frost <sfrost(at)snowman(dot)net> |
Cc: | daveg <daveg(at)sonic(dot)net>, Dave Page <dpage(at)pgadmin(dot)org>, Dimitri Fontaine <dfontaine(at)hi-media(dot)com>, Andrew Dunstan <andrew(at)dunslane(dot)net>, Peter Eisentraut <peter_e(at)gmx(dot)net>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: Application name patch - v2 |
Date: | 2009-10-19 16:38:05 |
Message-ID: | 162867790910190938l2dad5360j3b9d27e8d298ff5@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
2009/10/19 Stephen Frost <sfrost(at)snowman(dot)net>:
> * Pavel Stehule (pavel(dot)stehule(at)gmail(dot)com) wrote:
>> 2009/10/19 Stephen Frost <sfrost(at)snowman(dot)net>:
>> > * Pavel Stehule (pavel(dot)stehule(at)gmail(dot)com) wrote:
>> >> Superuser permission could not be a problem. Simple security definer
>> >> function can do it.
>> >
>> > Then you've defeated the point of making it superuser-only.
>>
>> no. Because when I write security definer function, then I explicitly
>> allow an writing for some roles. When I don't write this function,
>> then GUC is secure.
>
> And what happens when those 'some roles' are used by broken
> applications? You don't get to say "make it superuser only" and then
> turn around and tell people to hack around the fact that it's superuser
> only to be able to use it. That's not a solution.
You don't understand me. When I would to have a secure environment,
then I don't write this function. So there will not be a posibility to
change application name from session.
Pavel
>
> Stephen
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
>
> iEYEARECAAYFAkrchUYACgkQrzgMPqB3kij8nACfUrF/wkpsORpXiN0QgbXvONdi
> ghYAn19MpPNnRrf9BxmIOVBRR212JU6c
> =c5tL
> -----END PGP SIGNATURE-----
>
>
From | Date | Subject | |
---|---|---|---|
Next Message | David E. Wheeler | 2009-10-19 16:42:02 | Re: Controlling changes in plpgsql variable resolution |
Previous Message | Tom Lane | 2009-10-19 16:37:54 | Re: Rejecting weak passwords |