| From: | Ashutosh Sharma <ashu(dot)coek88(at)gmail(dot)com> |
|---|---|
| To: | Alexander Kukushkin <cyberdemn(at)gmail(dot)com> |
| Cc: | Jelte Fennema-Nio <postgres(at)jeltef(dot)nl>, Jeff Davis <pgsql(at)j-davis(dot)com>, Ashutosh Bapat <ashutosh(dot)bapat(dot)oss(at)gmail(dot)com>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Addressing SECURITY DEFINER Function Vulnerabilities in PostgreSQL Extensions |
| Date: | 2024-06-11 13:27:16 |
| Message-ID: | CAE9k0PmdPkGLvjR9zzgH4FqAVjV6rm0jOrUNi5cHsQOoutBW4A@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hi Alexander,
On Tue, Jun 11, 2024 at 6:26 PM Alexander Kukushkin <cyberdemn(at)gmail(dot)com> wrote:
>
> Hi,
>
> On Tue, 11 Jun 2024 at 14:50, Ashutosh Sharma <ashu(dot)coek88(at)gmail(dot)com> wrote:
>>
>> If the author has configured the search_path for any desired function,
>> using this option with the CREATE EXTENSION command will not affect
>> those functions.
>
>
> Then effectively this feature is useless.
> Now attackers can just set search_path for the current session.
> With this feature they will also be able to influence search_path of not protected functions when they create an extension.
>
Apologies for any confusion, but I'm not entirely following your
explanation. Could you kindly provide further clarification?
Additionally, would you mind reviewing the problem description
outlined in the initial email?
--
With Regards,
Ashutosh Sharma.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Joseph Koshakow | 2024-06-11 13:31:39 | Re: Remove dependence on integer wrapping |
| Previous Message | Ranier Vilela | 2024-06-11 13:01:25 | Re: Improve the granularity of PQsocketPoll's timeout parameter? |