From: | Stephan Szabo <sszabo(at)megazone(dot)bigpanda(dot)com> |
---|---|
To: | Bernard <bht(at)actrix(dot)gen(dot)nz> |
Cc: | pgsql-bugs(at)postgresql(dot)org, pgsql-general(at)postgresql(dot)org |
Subject: | Re: [GENERAL] BUG #1830: Non-super-user must be able to copy |
Date: | 2005-08-19 15:03:39 |
Message-ID: | 20050819075647.I34168@megazone.bigpanda.com |
Lists: | pgsql-bugs pgsql-general |

On Fri, 19 Aug 2005, Bernard wrote:
> But we can take this one step further so that we don't even need to
> trust ourselves:
>
> The logical next step is that for a non-postgresql-superuser user,
> COPY FROM files have to be world-readable and COPY TO files and
> directories have to be world-writable. The server checks the file
> attributes and grants copy permission depending on them. Obviously any
> Postgres system files must not be world-readable and world-writable.
>
> Problem solved. One doesn't need to be a genius to figure this out.

No, it's not solved. It prevents that problem for the configuration
files, but still gives access to other world-readable files on the system,
for example /etc/passwd on many systems (yes, it's not terribly interesting
in general, but it is still often not acceptable to retrieve).

You'd probably want to add the ability to set up which directories are
allowed to be read or written to as configuration, separately from Unix
file permissions.

No, it doesn't take a genius, but it's not as trivial as you seem to think
it is, either. And honestly, until there's a workable plan that addresses
these issues, opening it up seems foolish.
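
The distinction drawn in the reply above, as an added example (not part of the original message and not PostgreSQL code): a mode-bit test alone accepts any world-readable file, while a separately configured directory list checked against the resolved path does not. The function names and the directory tree are constructed for illustration.

```python
import os
import stat
import tempfile

def world_readable(path):
    """The check proposed in the quoted text: look at the mode bits only."""
    return bool(os.stat(path).st_mode & stat.S_IROTH)

def in_allowed_dir(path, allowed_dirs):
    """The extra check suggested in the reply: the resolved path (symlinks
    and '..' removed) must sit under a configured directory."""
    real = os.path.realpath(path)
    for d in allowed_dirs:
        base = os.path.realpath(d)
        # commonpath compares whole components, so /x/import_old
        # is not treated as being inside /x/import.
        if os.path.commonpath([real, base]) == base:
            return True
    return False

def copy_from_allowed(path, allowed_dirs):
    return in_allowed_dir(path, allowed_dirs) and world_readable(path)

def demo():
    """Build a constructed tree; return {case: (mode_bit_check, combined_check)}."""
    with tempfile.TemporaryDirectory() as tmp:
        root = os.path.realpath(tmp)
        imp, other, sibling = (os.path.join(root, n)
                               for n in ("import", "other", "import_old"))
        for d in (imp, other, sibling):
            os.mkdir(d)
        paths = {
            "inside": os.path.join(imp, "data.csv"),
            "outside": os.path.join(other, "accounts.txt"),  # stand-in for /etc/passwd
            "sibling": os.path.join(sibling, "data.csv"),
        }
        for p in paths.values():
            with open(p, "w") as f:
                f.write("constructed sample\n")
            os.chmod(p, 0o644)  # world-readable regardless of umask
        paths["symlink"] = os.path.join(imp, "link.csv")
        os.symlink(paths["outside"], paths["symlink"])
        paths["dotdot"] = os.path.join(imp, "..", "other", "accounts.txt")
        return {name: (world_readable(p), copy_from_allowed(p, [imp]))
                for name, p in paths.items()}

if __name__ == "__main__":
    for name, decision in demo().items():
        print(name, decision)
```

A check followed by a separate open is still racy, so a server applying this policy would need to validate the file it actually opened rather than the name it was given.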