| From: | Noah Misch <noah(at)leadboat(dot)com> |
|---|---|
| To: | pgsql-committers(at)lists(dot)postgresql(dot)org |
| Subject: | pgsql: Document search_path security with untrusted dbowner or CREATERO |
| Date: | 2019-12-08 19:11:33 |
| Message-ID: | E1ie1xt-0006j2-59@gemulon.postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers |
Document search_path security with untrusted dbowner or CREATEROLE.
Commit 5770172cb0c9df9e6ce27c507b449557e5b45124 wrote, incorrectly, that
certain schema usage patterns are secure against CREATEROLE users and
database owners. When an untrusted user is the database owner or holds
CREATEROLE privilege, a query is secure only if its session started with
SELECT pg_catalog.set_config('search_path', '', false) or equivalent.
Back-patch to 9.4 (all supported versions).
Discussion: https://postgr.es/m/20191013013512.GC4131753@rfd.leadboat.com
Branch
------
REL_10_STABLE
Details
-------
https://git.postgresql.org/pg/commitdiff/6909742976612e45a68e765618bb88dacd6da758
Modified Files
--------------
doc/src/sgml/ddl.sgml | 80 +++++++++++++++++++++++++--------------------------
1 file changed, 40 insertions(+), 40 deletions(-)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Amit Kapila | 2019-12-09 03:46:01 | pgsql: Fix typos in miscinit.c. |
| Previous Message | Tom Lane | 2019-12-08 15:36:43 | pgsql: Doc: improve documentation about run-time pruning's effects on E |