| From: | Alexander Kukushkin <cyberdemn(at)gmail(dot)com> |
|---|---|
| To: | Ashutosh Sharma <ashu(dot)coek88(at)gmail(dot)com> |
| Cc: | Jelte Fennema-Nio <postgres(at)jeltef(dot)nl>, Jeff Davis <pgsql(at)j-davis(dot)com>, Ashutosh Bapat <ashutosh(dot)bapat(dot)oss(at)gmail(dot)com>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Addressing SECURITY DEFINER Function Vulnerabilities in PostgreSQL Extensions |
| Date: | 2024-06-12 07:11:03 |
| Message-ID: | CAFh8B=nO17YLMLRkVj_Q+CjPEgvq442kHAV+xoOce25fumZDQQ@mail.gmail.com |
| Lists: | pgsql-hackers |

Hi Ashutosh,

> Apologies for any confusion, but I'm not entirely following your
> explanation. Could you kindly provide further clarification?
> Additionally, would you mind reviewing the problem description
> outlined in the initial email?
>
I know about the problem and have seen the original email.

What confused me is that your email didn't specify that SET SEARCH_PATH in
the CREATE EXTENSION is a boolean flag, hence I made an assumption that it
is a TEXT (similar to the GUC with the same name). Now, after looking at your
code, it makes more sense. Sorry about the confusion.

But I also agree with Jelte: it should be a property of the control file,
rather than a user-controlled parameter, so that an attacker can't opt out.

Regards,

--
Alexander Kukushkin
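As an added illustration of the class of problem the thread is discussing (not code from the patch or from any participant), the following SQL shows the existing, per-function way of pinning search_path on a SECURITY DEFINER function, and a catalog query that lists extension-owned SECURITY DEFINER functions that have no search_path setting in their proconfig. The function and extension names are placeholders; the query relies only on standard catalogs (pg_proc, pg_namespace, pg_depend, pg_extension).

```sql
-- Hardened form available today: pin search_path per function so that
-- unqualified names inside the body resolve only against pg_catalog
-- (and the session's temp schema, which comes last and cannot be written
-- into by other roles). The thread proposes making this automatic for
-- extension functions via the control file rather than per-definition.
CREATE OR REPLACE FUNCTION my_ext.example_fn(arg text)
RETURNS text
LANGUAGE sql
SECURITY DEFINER
SET search_path = pg_catalog, pg_temp
AS $$ SELECT upper(arg) $$;

-- The same setting can be applied after the fact to an existing function.
ALTER FUNCTION my_ext.example_fn(text) SET search_path = pg_catalog, pg_temp;

-- Audit query: SECURITY DEFINER functions that belong to an extension
-- (pg_depend deptype 'e') but carry no search_path entry in proconfig.
-- Any row returned is a candidate for the ALTER FUNCTION above.
SELECT e.extname,
       n.nspname AS schema,
       p.proname AS function,
       pg_get_function_identity_arguments(p.oid) AS args
FROM pg_proc p
JOIN pg_namespace n ON n.oid = p.pronamespace
JOIN pg_depend d
  ON d.classid = 'pg_proc'::regclass
 AND d.objid = p.oid
 AND d.refclassid = 'pg_extension'::regclass
 AND d.deptype = 'e'
JOIN pg_extension e ON e.oid = d.refobjid
WHERE p.prosecdef
  AND NOT EXISTS (
        SELECT 1
        FROM unnest(coalesce(p.proconfig, '{}'::text[])) AS cfg
        WHERE cfg LIKE 'search_path=%'
      )
ORDER BY e.extname, n.nspname, p.proname;
```

Dropping the pg_depend join turns the audit into a check over all SECURITY DEFINER functions in the database, not just extension-owned ones.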