| From: | Robert Haas <robertmhaas(at)gmail(dot)com> |
|---|---|
| To: | Jeff Davis <pgsql(at)j-davis(dot)com> |
| Cc: | Joe Conway <mail(at)joeconway(dot)com>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Noah Misch <noah(at)leadboat(dot)com>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org>, Nathan Bossart <nathandbossart(at)gmail(dot)com> |
| Subject: | Re: pgsql: Fix search_path to a safe value during maintenance operations. |
| Date: | 2023-08-01 14:51:10 |
| Message-ID: | CA+TgmoZPHBo25exiG+SJHeSFwfKof_+mc_Fa1SphU8E3ZTt4eQ@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers pgsql-hackers |
On Mon, Jul 31, 2023 at 5:15 PM Jeff Davis <pgsql(at)j-davis(dot)com> wrote:
> > ERROR: role "rhaas" should not execute arbitrary code provided by
> > role "jconway"
> > HINT: If this should be allowed, use the TRUST command to permit it.
>
> +1, though I'm not sure we need an extensive trust mechanism beyond
> what we already have with the SET ROLE privilege.
FWIW, I think it would be a good idea. It might not be absolutely
mandatory but I think it would be smart.
--
Robert Haas
EDB: http://www.enterprisedb.com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Robert Haas | 2023-08-01 17:41:42 | Re: pgsql: Fix search_path to a safe value during maintenance operations. |
| Previous Message | David Rowley | 2023-08-01 13:45:21 | pgsql: Fix overly strict Assert in jsonpath code |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Euler Taveira | 2023-08-01 14:51:45 | Re: Pgoutput not capturing the generated columns |
| Previous Message | Sergey Shinderuk | 2023-08-01 14:44:13 | Fix error handling in be_tls_open_server() |