| From: | "Jonathan S(dot) Katz" <jkatz(at)postgresql(dot)org> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Magnus Hagander <magnus(at)hagander(dot)net>, Daniel Verite <daniel(at)manitou-mail(dot)org>, pgsql-general <pgsql-general(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: CVE-2019-9193 about COPY FROM/TO PROGRAM |
| Date: | 2019-04-01 14:04:32 |
| Message-ID: | A2F7EB11-7B4B-452D-8DEA-0DCD88535FE5@postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
> On Apr 1, 2019, at 9:55 AM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
>
> Magnus Hagander <magnus(at)hagander(dot)net> writes:
>>> On Sat, Mar 30, 2019 at 10:16 PM Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
>>> Yeah; this is supposing that there is a security boundary between
>>> Postgres superusers and the OS account running the server, which
>>> there is not. We could hardly have features like untrusted PLs
>>> if we were trying to maintain such a boundary.
>
>> I wonder if we need to prepare some sort of official response to that.
>> I was considering writing up a blog post about it, but maybe we need
>> something more official?
>
> Blog post seems like a good idea. As for an "official" response,
> it strikes me that maybe we need better documentation.
+1, though I’d want to see if people get noisier about it before we rule
out an official response.
A blog post from a reputable author who can speak to security should
be good enough and we can make noise through our various channels.
Jonathan
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Alvaro Herrera | 2019-04-01 14:07:27 | Re: CVE-2019-9193 about COPY FROM/TO PROGRAM |
| Previous Message | Tom Lane | 2019-04-01 14:02:44 | Re: logical replication - negative bitmapset member not allowed |