| From: | Martijn van Oosterhout <kleptog(at)svana(dot)org> |
|---|---|
| To: | Markus Schaber <schabi(at)logix-tt(dot)com> |
| Cc: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: minor feature request: Secure defaults during |
| Date: | 2006-09-20 10:55:44 |
| Message-ID: | 20060920105544.GB25362@svana.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Wed, Sep 20, 2006 at 11:59:52AM +0200, Markus Schaber wrote:
> But I have the possibility to "chmod a-x" before "chmod +s" the file.
>
> Maybe we should add "[NOT] PUBLICLY EXCUTABLE"[1] keywords to CREATE
> FUNCTION, with the default being the current behaviour for now (possibly
> configurable). Add an appropriate note in the docs for CREATE FUNCTION,
> so users are informed about the security implications.
If you're that paranoid, start a transaction, create the function,
revoke the permissions and then commit. Then no-one else will see the
function before you've set the permissions the way you want.
I agree that maybe being able to specify it during function creation
would be nice, but it's not like it's impossible now.
Have a nice day,
--
Martijn van Oosterhout <kleptog(at)svana(dot)org> http://svana.org/kleptog/
> From each according to his ability. To each according to his ability to litigate.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andrew Sullivan | 2006-09-20 11:09:36 | Re: pg_upgrade: downgradebility |
| Previous Message | Zdenek Kotala | 2006-09-20 10:54:14 | pg_upgrade: downgradebility |