Re: How to stop script executions

From: Melvin Davidson <melvin6925(at)gmail(dot)com>
To: Dev Kumkar <devdas(dot)kumkar(at)gmail(dot)com>
Cc: "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com>, Sameer Kumar <sameer(dot)kumar(at)ashnik(dot)com>, "pgsql-general(at)postgresql(dot)org" <pgsql-general(at)postgresql(dot)org>
Subject: Re: How to stop script executions
Date: 2016-07-26 14:05:04
Message-ID: CANu8FiwtoK3EACMb2ZpRDR0-RKpmY16BR5WigbBc3BFWsgQ=rA@mail.gmail.com
Lists: pgsql-general

On Tue, Jul 26, 2016 at 9:52 AM, Dev Kumkar <devdas(dot)kumkar(at)gmail(dot)com> wrote:

> On Tue, Jul 26, 2016 at 6:59 PM, David G. Johnston <
> david(dot)g(dot)johnston(at)gmail(dot)com> wrote:
>
>> ​Typically this means that given user only having psql, or some other
>> backend protocol only, connect to the database are they able to execute
>> arbitrary commands as the user running the PostgreSQL process on the host
>> system.​
>>
>> Untrusted langauges are untrusted for specifically this reason. Without
>> untrusted languages it requires privilege escalation to interact
>> dynamically with the host operating system.
>>
>> Assuming raised privileges it is presently impossible to prevent such
>> dynamic interaction.
>>
>
> Just thinking if untrusted language like plperlu is not installed then
> executing arbitrary commands is not possible.
> So the other possible which you did mention was COPY FROM PROGRAM command,
> is this understanding correct?
>
> Regards...
>

>COPY FROM PROGRAM

I think at this point it would be most beneficial if
1. You stated your version of PostgreSQL & O/S
2. Gave a comprehensive explanation of exactly what you are trying to do.
IOW, What exactly are you trying to prevent users from doing and why?

--
*Melvin Davidson*
I reserve the right to fantasize. Whether or not you
wish to share my fantasy is entirely up to you.
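
Added example, not part of the original thread or of any poster's message: catalog queries an administrator can run to see which of the paths discussed above (untrusted languages, superuser-only features such as COPY ... PROGRAM) are open in a database. They read only the standard system catalogs; the output column aliases are this example's own.

```sql
-- 1. Untrusted procedural languages installed in the current database.
--    lanpltrusted = false means code in that language is not sandboxed and
--    runs with the rights of the OS account that runs the PostgreSQL server.
SELECT l.lanname,
       r.rolname AS language_owner
FROM pg_language AS l
JOIN pg_roles    AS r ON r.oid = l.lanowner
WHERE l.lanispl
  AND NOT l.lanpltrusted
ORDER BY l.lanname;

-- 2. Functions already written in those languages.
--    Only a superuser can create them, but once created they are callable by
--    whoever holds EXECUTE. A NULL proacl means the default privileges apply,
--    which include EXECUTE for PUBLIC.
SELECT n.nspname   AS schema_name,
       p.proname   AS function_name,
       l.lanname   AS language_name,
       r.rolname   AS function_owner,
       p.prosecdef AS security_definer,
       p.proacl    AS execute_acl
FROM pg_proc      AS p
JOIN pg_language  AS l ON l.oid = p.prolang
JOIN pg_namespace AS n ON n.oid = p.pronamespace
JOIN pg_roles     AS r ON r.oid = p.proowner
WHERE l.lanispl
  AND NOT l.lanpltrusted
ORDER BY n.nspname, p.proname;

-- 3. Roles that hold the raised privileges the thread refers to.
--    A superuser can use COPY ... PROGRAM and can install an untrusted
--    language, so every row here is a role that can reach the host OS.
SELECT rolname,
       rolcanlogin
FROM pg_roles
WHERE rolsuper
ORDER BY rolname;
```

Query 1 and query 2 are per-database and need to be repeated in each database of the cluster; query 3 is cluster-wide.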
