From: | Isaac Morland <isaac(dot)morland(at)gmail(dot)com> |
---|---|
To: | Jeff Davis <pgsql(at)j-davis(dot)com> |
Cc: | Ashutosh Sharma <ashu(dot)coek88(at)gmail(dot)com>, Ashutosh Bapat <ashutosh(dot)bapat(dot)oss(at)gmail(dot)com>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: Addressing SECURITY DEFINER Function Vulnerabilities in PostgreSQL Extensions |
Date: | 2024-06-06 18:09:55 |
Message-ID: | CAMsGm5cThueMPSKugXw6bLu0sgJNz1R0EOfhZW1-kytUZxFH_w@mail.gmail.com |
Lists: | pgsql-hackers |
On Thu, 6 Jun 2024 at 12:53, Jeff Davis <pgsql(at)j-davis(dot)com> wrote:
> > I didn't get you completely here. w.r.t extensions how will this have
> > an impact if we set the search_path for definer functions.
>
> If we only set the search path for SECURITY DEFINER functions, I don't
> think that solves the whole problem.
Indeed. While the ability for a caller to set the search_path for a
security definer function introduces security problems that are different
than for security invoker functions, it's still weird for the behaviour of
a function to depend on the caller's search_path. It's even weirder for the
default search path behaviour to be different depending on whether or not
the function is security definer.
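As an added illustration of the point made in this thread (not code from the thread or from PostgreSQL itself), the following shows a SECURITY DEFINER function whose search_path is pinned at definition time, together with a catalog query that lists definer functions still inheriting the caller's search_path. The schema `app`, table `app.accounts` and role `app_reader` are assumed names.

```sql
-- Hardened pattern: the function's search_path is fixed by the definer,
-- so unqualified names inside the body never resolve against whatever
-- schemas the caller happens to have in search_path. pg_temp is listed
-- last explicitly; otherwise it is searched first by default.
CREATE FUNCTION app.get_balance(acct integer) RETURNS numeric
LANGUAGE plpgsql
SECURITY DEFINER
SET search_path = pg_catalog, pg_temp
AS $$
BEGIN
    -- Schema-qualify the application objects the function touches.
    RETURN (SELECT a.balance FROM app.accounts AS a WHERE a.id = acct);
END;
$$;

-- Least privilege: SECURITY DEFINER functions are executable by PUBLIC
-- by default, so restrict EXECUTE to the role that actually needs it.
REVOKE EXECUTE ON FUNCTION app.get_balance(integer) FROM PUBLIC;
GRANT EXECUTE ON FUNCTION app.get_balance(integer) TO app_reader;

-- Audit query: SECURITY DEFINER functions outside the system schemas
-- that have no search_path entry in their per-function settings
-- (pg_proc.proconfig holds 'name=value' strings, NULL when none are set).
SELECT n.nspname AS schema, p.proname AS function
FROM pg_catalog.pg_proc AS p
JOIN pg_catalog.pg_namespace AS n ON n.oid = p.pronamespace
WHERE p.prosecdef
  AND n.nspname NOT IN ('pg_catalog', 'information_schema')
  AND NOT EXISTS (
        SELECT 1
        FROM unnest(p.proconfig) AS cfg
        WHERE cfg LIKE 'search_path=%'
  )
ORDER BY 1, 2;
```

Any row the audit query returns is a definer function whose name resolution still depends on the calling session's search_path.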