| From: | Magnus Hagander <magnus(at)hagander(dot)net> |
|---|---|
| To: | Chander Ganesan <chander(at)otg-nc(dot)com> |
| Cc: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: LISTEN/NOTIFY Security and the docs |
| Date: | 2012-05-24 11:03:18 |
| Message-ID: | CABUevEyAiRR0HhKseVemksTn_5PZLf860hYXhYYpphwJK8pzJg@mail.gmail.com |
| Lists: | pgsql-hackers |

On Fri, May 18, 2012 at 5:08 PM, Chander Ganesan <chander(at)otg-nc(dot)com> wrote:
> Hi All,
>
> I just realized that anyone can listen for notifications (using listen) so
> long as they know the "channel" name. This means that a user could receive
> and view the payload for another user.
>
> Perhaps it would be good to note this in the documentation (i.e., there
> should be no expectation of privacy/security when using listen/notify, so
> any user that can connect to a database could issue and receive
> notifications for any channel.)

Might be worth a note, yes. The lack of a note really should tell you
that it's a broadcast, but it wouldn't hurt to have an extra one.

Want to prepare a patch?

--
Magnus Hagander
Me: http://www.hagander.net/
Work: http://www.redpill-linpro.com/
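
The broadcast behaviour discussed in this message, as an added example that is not part of the original thread or of the PostgreSQL documentation: a trigger that puts a secret in the NOTIFY payload, beside one that sends only a row id and leaves access control to table privileges. All role, table and channel names are hypothetical.

```sql
-- Constructed example: every role, table and channel name is hypothetical.
CREATE ROLE app_writer LOGIN;
CREATE ROLE app_worker LOGIN;
CREATE ROLE other_user LOGIN;  -- may connect, has no rights on the table

CREATE TABLE password_resets (
    id    bigserial PRIMARY KEY,
    email text NOT NULL,
    token text NOT NULL
);
REVOKE ALL ON password_resets FROM PUBLIC;
GRANT INSERT ON password_resets TO app_writer;
GRANT USAGE ON SEQUENCE password_resets_id_seq TO app_writer;
GRANT SELECT ON password_resets TO app_worker;

-- Weak: the secret travels in the payload. Every session that has run
-- "LISTEN password_reset", other_user's included, receives it.
CREATE FUNCTION notify_reset_weak() RETURNS trigger AS $$
BEGIN
    PERFORM pg_notify('password_reset', NEW.email || ':' || NEW.token);
    RETURN NEW;
END;
$$ LANGUAGE plpgsql;

-- Corrected: the payload is only the row id. Reading the row is what
-- needs a privilege, and that is enforced by GRANT, not by the channel.
CREATE FUNCTION notify_reset() RETURNS trigger AS $$
BEGIN
    PERFORM pg_notify('password_reset', NEW.id::text);
    RETURN NEW;
END;
$$ LANGUAGE plpgsql;

CREATE TRIGGER password_resets_notify
    AFTER INSERT ON password_resets
    FOR EACH ROW EXECUTE PROCEDURE notify_reset();

-- Session of app_worker:
LISTEN password_reset;
-- Any role can also NOTIFY on this channel, so treat the payload as an
-- untrusted hint: use it only as a lookup key and accept an empty result.
-- 42 stands for the id received in a notification.
SELECT email, token FROM password_resets WHERE id = 42;

-- Session of other_user: still receives the payload '42', but
--   SELECT email, token FROM password_resets WHERE id = 42;
-- fails with "permission denied", because no SELECT privilege was granted.
```

The id and the timing of each event remain visible to every listener on the channel.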