| From: | Ashutosh Sharma <ashu(dot)coek88(at)gmail(dot)com> |
|---|---|
| To: | John H <johnhyvr(at)gmail(dot)com> |
| Cc: | Alexander Kukushkin <cyberdemn(at)gmail(dot)com>, Jelte Fennema-Nio <postgres(at)jeltef(dot)nl>, Jeff Davis <pgsql(at)j-davis(dot)com>, Ashutosh Bapat <ashutosh(dot)bapat(dot)oss(at)gmail(dot)com>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Addressing SECURITY DEFINER Function Vulnerabilities in PostgreSQL Extensions |
| Date: | 2024-06-13 03:09:37 |
| Message-ID: | CAE9k0P=v8y+EbSyFQJ1GbeyxM7wL14GPiqs-uVBcx8nY3X82DQ@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hi,
On Wed, Jun 12, 2024 at 11:35 PM John H <johnhyvr(at)gmail(dot)com> wrote:
>
> > But, I also agree with Jelte, it should be a property of a control file, rather than a user controlled parameter, so that an attacker can't opt out.
>
This will be addressed in the next patch version.
> +1. Also curious what happens if an extension author has search_path
> already set in proconfig for a function that doesn't match what's in
> the control file. I'm guessing the function one should take
> precedence.
>
Yes, if the author has explicitly set the proconfig, it will take precedence.
--
With Regards,
Ashutosh Sharma.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andrei Lepikhov | 2024-06-13 03:45:38 | Re: Removing unneeded self joins |
| Previous Message | Peter Geoghegan | 2024-06-13 02:04:04 | Re: Harmonizing pg_bsd_indent parameter names |