| From: | "Klaus Reger" <K(dot)Reger(at)twc(dot)de> |
|---|---|
| To: | tgl(at)sss(dot)pgh(dot)pa(dot)us |
| Cc: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: import/export of large objects on server-side |
| Date: | 2001-11-16 16:02:13 |
| Message-ID: | 61010.193.158.34.193.1005926533.squirrel@emailbox24.de |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
> "Klaus Reger" <K(dot)Reger(at)twc(dot)de> writes:
>> I've made a patch, that introduces an entry in the PostgreSQL-config
>> file. You can set a drirectory, where all imports/exports can happen.
>> If nothing is set (the default), no imports/exports on the server-side
>> are allowed. To enhance the security, no reading/writung is allowed
>> from/to non-regular files (block-devs, symlinks, etc.)
>
> This is trivially defeatable, assuming that the "import/export"
> directory is world writable (if it isn't, importing will be tough).
...
> While you could patch around these particular attacks by further
> restricting the filenames, the bottom line is that server-side LO
> operations are just inherently insecure.
>
> regards, tom lane
Ok, you're right, but is it acceptable, to configure this, using the
configfile, rather than with a compile-option?
Regards, Klaus
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Thomas Lockhart | 2001-11-16 16:03:43 | Re: Further open item (Was: Status of 7.2) |
| Previous Message | Tom Lane | 2001-11-16 15:29:27 | Re: import/export of large objects on server-side |