| From: | Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com> |
|---|---|
| To: | Chapman Flack <chap(at)anastigmatix(dot)net>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | pgsql-hackers(at)postgresql(dot)org, Albe Laurenz <all(at)adv(dot)magwien(dot)gv(dot)at> |
| Subject: | Re: Security leak with trigger functions? |
| Date: | 2018-01-29 23:45:38 |
| Message-ID: | 18cf4bff-0a1c-38de-e0c1-b8d16fb3c602@2ndquadrant.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 1/22/18 16:04, Chapman Flack wrote:
>> PostgreSQL only allows a trigger action of "call this function", so in
>> the SQL standard context that would mean we'd need to check the EXECUTE
>> privilege of the owner of the trigger. The trick is figuring out who
>> the owner is. If it's the owner of the table, then TRIGGER privilege
>> is effectively total control over the owner of the table. If it's
>> whoever created the trigger, it might be useful, but I don't see how
>> that is compatible with the intent of the SQL standard.
>
> Hmm, it's been not quite a dozen years, have there been later threads
> that followed up on this discussion?
No, I don't think anything has changed here.
--
Peter Eisentraut http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Geoghegan | 2018-01-30 00:06:03 | Re: [HACKERS] Parallel tuplesort (for parallel B-Tree index creation) |
| Previous Message | Andres Freund | 2018-01-29 23:24:12 | Re: JIT compiling with LLVM v9.0 |