| From: | Isaac Morland <isaac(dot)morland(at)gmail(dot)com> |
|---|---|
| To: | Tels <nospam-pg-abuse(at)bloodgate(dot)com> |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Alvaro Herrera <alvherre(at)2ndquadrant(dot)com>, Marco van Eck <marco(dot)vaneck(at)gmail(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Have an encrypted pgpass file |
| Date: | 2018-07-21 01:52:19 |
| Message-ID: | CAMsGm5e6_obb7dX4CPow6WYfWSAN-tpdS7nyc6CogfZZ+rSfrw@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 20 July 2018 at 17:22, Tels <nospam-pg-abuse(at)bloodgate(dot)com> wrote:
> Moin,
>
> > It would also provide a *very* fertile source of shell-script-injection
> > vulnerabilities. (Whaddya mean, you tried to use a user name with a
> > quote mark in it?)
>
> Little Bobby Tables, we call him. :)
>
> I'm also concerned that that would let anybody who could alter the
> environment then let arbitrary code be run as user postgres. Is this
> something that poses a risk in addition to the current situation?
>
If I understand the proposal correctly, the pgpass program would run on the
client, invoked by libpq when a password is needed for a connection. So the
risk relates to strange things happening on the client when the client
attempts to connect as a strangely-named user or to a strangely-named
database or host, not to being able to break into the server.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Geoghegan | 2018-07-21 03:16:25 | Re: small development tip: Consider using the gold linker |
| Previous Message | Jerry Jelinek | 2018-07-20 22:04:55 | Re: patch to allow disable of WAL recycling |