From: | Laurenz Albe <laurenz(dot)albe(at)cybertec(dot)at> |
---|---|
To: | Tomas Vondra <tomas(dot)vondra(at)enterprisedb(dot)com>, pgsql-hackers(at)lists(dot)postgresql(dot)org |
Subject: | Re: Wrong security context for deferred triggers? |
Date: | 2024-09-09 21:14:30 |
Message-ID: | 77b89e609f21380785865542609fbc14010021c8.camel@cybertec.at |
Lists: | pgsql-hackers |

On Wed, 2024-03-06 at 14:32 +0100, Laurenz Albe wrote:
> On Mon, 2023-11-06 at 18:29 +0100, Tomas Vondra wrote:
> > On 11/6/23 14:23, Laurenz Albe wrote:
> > > This behavior looks buggy to me. What do you think?
> > > I cannot imagine that it is a security problem, though.
> >
> > How could code getting executed under the wrong role not be a security
> > issue? Also, does this affect just the role, or are there some other
> > settings that may unexpectedly change (e.g. search_path)?
>
> Here is a patch that fixes this problem by keeping track of the
> current role in the AfterTriggerSharedData.

Funny enough, this problem has just surfaced on pgsql-general:
https://postgr.es/m/89e33a53-909c-6a02-bfc6-2578ba974e16@cloud.gatewaynet.com

I take this as one more vote for this patch...

Yours,
Laurenz Albe