| From: | Isaac Morland <isaac(dot)morland(at)gmail(dot)com> |
|---|---|
| To: | Jeff Davis <pgsql(at)j-davis(dot)com> |
| Cc: | Ashutosh Sharma <ashu(dot)coek88(at)gmail(dot)com>, Ashutosh Bapat <ashutosh(dot)bapat(dot)oss(at)gmail(dot)com>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Addressing SECURITY DEFINER Function Vulnerabilities in PostgreSQL Extensions |
| Date: | 2024-06-06 18:09:55 |
| Message-ID: | CAMsGm5cThueMPSKugXw6bLu0sgJNz1R0EOfhZW1-kytUZxFH_w@mail.gmail.com |
| Lists: | pgsql-hackers |
On Thu, 6 Jun 2024 at 12:53, Jeff Davis <pgsql(at)j-davis(dot)com> wrote:
> > I didn't get you completely here. w.r.t extensions how will this have
> > an impact if we set the search_path for definer functions.
>
> If we only set the search path for SECURITY DEFINER functions, I don't
> think that solves the whole problem.
Indeed. While the ability for a caller to set the search_path for a
security definer function introduces security problems that are different
than for security invoker functions, it's still weird for the behaviour of
a function to depend on the caller's search_path. It's even weirder for the
default search path behaviour to be different depending on whether or not
the function is security definer.
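As an added illustration of the point above (not part of the thread), the following SQL, with constructed schema and function names, shows a SECURITY DEFINER function whose result follows the caller's search_path, beside the same function with search_path pinned in its definition, plus a catalog query that lists definer functions lacking such a setting.

```sql
-- Added example, not from the thread. Schema and function names are
-- constructed for this illustration.
CREATE SCHEMA app;
CREATE SCHEMA caller_schema;

-- Resolve unqualified names via app while defining the functions below.
SET search_path = app, pg_catalog;

-- Helper the function author intends to call.
CREATE FUNCTION app.normalize_tag(t text) RETURNS text
    LANGUAGE sql IMMUTABLE AS $$ SELECT lower(btrim(t)) $$;

-- 1) Definer function that relies on the caller's search_path to find
--    normalize_tag(); its behaviour changes when the caller's path changes.
CREATE FUNCTION app.tag_unpinned(t text) RETURNS text
    LANGUAGE sql SECURITY DEFINER
    AS $$ SELECT normalize_tag(t) $$;

-- 2) Same function with search_path fixed at definition time. Unqualified
--    names now resolve identically regardless of the caller's setting.
--    pg_temp is listed last so temporary objects cannot shadow app objects.
CREATE FUNCTION app.tag_pinned(t text) RETURNS text
    LANGUAGE sql SECURITY DEFINER
    SET search_path = app, pg_catalog, pg_temp
    AS $$ SELECT normalize_tag(t) $$;

-- A caller whose search_path puts a different normalize_tag() first.
CREATE FUNCTION caller_schema.normalize_tag(t text) RETURNS text
    LANGUAGE sql IMMUTABLE AS $$ SELECT upper(t) $$;

SET search_path = caller_schema, app, pg_catalog;
SELECT app.tag_unpinned('  Hello ');  -- '  HELLO ' : resolved via caller's path
SELECT app.tag_pinned('  Hello ');    -- 'hello'    : resolved via pinned path

-- Check: definer functions in schema app with no SET clause (proconfig is
-- NULL), i.e. candidates whose behaviour still depends on the caller.
SELECT p.oid::regprocedure
FROM pg_proc p
JOIN pg_namespace n ON n.oid = p.pronamespace
WHERE n.nspname = 'app' AND p.prosecdef AND p.proconfig IS NULL;
```

The final query is a useful audit across any schema: replace `'app'` with the schema of interest, or drop that predicate to scan the whole database.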