From: | Nathan Bossart <nathandbossart(at)gmail(dot)com> |
---|---|
To: | pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: un-revert the MAINTAIN privilege and the pg_maintain predefined role |
Date: | 2024-03-07 16:50:00 |
Message-ID: | 20240307165000.GA388645@nathanxps13 |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On Tue, Mar 05, 2024 at 10:12:35AM -0600, Nathan Bossart wrote:
> Thanks to Jeff's recent work with commits 2af07e2 and 59825d1, the issue
> that led to the revert of the MAINTAIN privilege and the pg_maintain
> predefined role (commit 151c22d) should now be resolved. Specifically,
> there was a concern that roles with the MAINTAIN privilege could use
> search_path tricks to run arbitrary code as the table owner. Jeff's work
> prevents this by restricting search_path to a known safe value when running
> maintenance commands. (This approach and others were discussed on the
> lists quite extensively, and it was also brought up at the developer
> meeting at FOSDEM [0] earlier this year.)
>
> Given this, I'd like to finally propose un-reverting MAINTAIN and
> pg_maintain. I created a commitfest entry for this [1] a few weeks ago and
> attached it to Jeff's search_path thread, but I figured it would be good to
> create a dedicated thread for this, too. The attached patch is a straight
> revert of commit 151c22d except for the following small changes:
>
> * The catversion bump has been removed for now. The catversion will need
> to be bumped appropriately if/when this is committed.
>
> * The OID for the pg_maintain predefined role needed to be changed. The
> original OID has been reused for something else since this feature was
> reverted.
>
> * The change in AdjustUpgrade.pm needed to be updated to check for
> "$old_version < 17" instead of "$old_version < 16".
Given all of this code was previously reviewed and committed, I am planning
to forge ahead and commit this early next week, provided no objections or
additional feedback materialize.
--
Nathan Bossart
Amazon Web Services: https://aws.amazon.com
From | Date | Subject | |
---|---|---|---|
Next Message | Ashutosh Bapat | 2024-03-07 16:54:26 | Re: table inheritance versus column compression and storage settings |
Previous Message | Tom Lane | 2024-03-07 16:46:32 | Re: Function and Procedure with same signature? |