| From: | Robert Haas <robertmhaas(at)gmail(dot)com> |
|---|---|
| To: | Stefan Keller <sfkeller(at)gmail(dot)com> |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: Proposal: functions get_text() or get_url() |
| Date: | 2009-05-20 11:25:03 |
| Message-ID: | 603c8f070905200425s7ad2b2c0ga040feeacb6276b2@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Wed, May 20, 2009 at 6:34 AM, Stefan Keller <sfkeller(at)gmail(dot)com> wrote:
> Questions: Don't see, why this would be a security issue: How could such a
> function do any harm? large files?
No, large files aren't the problem. The problem is that the
PostgreSQL server process may have rights to access things that the
user doesn't. For a simple case, imagine that PostgreSQL is behind a
firewall and the user is in front of the firewall, but there's a port
open to permit access to PostgreSQL. Now imagine that there is a web
server behind the firewall. The firewall blocks the user from
accessing the web server directly, but the user can ask PostgreSQL to
download the URLs for him. In that way, the user can bypass the
firewall. (Consider for example Andrew Chernow's company, which has
clients connecting to their database server from all over the
Internet...)
...Robert
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2009-05-20 13:24:21 | Re: Compiler warning |
| Previous Message | Stefan Keller | 2009-05-20 10:34:00 | Re: Proposal: functions get_text() or get_url() |