| From: | Robert Haas <robertmhaas(at)gmail(dot)com> |
|---|---|
| To: | Ashutosh Sharma <ashu(dot)coek88(at)gmail(dot)com> |
| Cc: | Jeff Davis <pgsql(at)j-davis(dot)com>, John H <johnhyvr(at)gmail(dot)com>, Alexander Kukushkin <cyberdemn(at)gmail(dot)com>, Jelte Fennema-Nio <postgres(at)jeltef(dot)nl>, Ashutosh Bapat <ashutosh(dot)bapat(dot)oss(at)gmail(dot)com>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Addressing SECURITY DEFINER Function Vulnerabilities in PostgreSQL Extensions |
| Date: | 2024-07-16 16:09:51 |
| Message-ID: | CA+TgmobOa_Fvf1_W=9d3qz9z8+RNBwSQHex10Vu7Cj-xqEKYSg@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Tue, Jul 16, 2024 at 1:55 AM Ashutosh Sharma <ashu(dot)coek88(at)gmail(dot)com> wrote:
> Just to confirm, are you suggesting to remove the protected flag and
> set the default search_path (as $extension_schema,) for all functions
> within an extension where no explicit search_path is set?
No, I'm not saying that. In fact I'm not sure we should have the
protected flag at all.
> In addition
> to that, also allow users to explicitly set $extension_schema as the
> search_path and bypass resolution of $extension_schema for objects
> outside the extension?
Yes, I'm saying that.
--
Robert Haas
EDB: http://www.enterprisedb.com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Joe Conway | 2024-07-16 16:12:37 | Re: CI, macports, darwin version problems |
| Previous Message | Robert Haas | 2024-07-16 15:59:48 | Re: Parent/child context relation in pg_get_backend_memory_contexts() |