| From: | hubert depesz lubaczewski <depesz(at)depesz(dot)com> |
|---|---|
| To: | Wiwwo Staff <wiwwo(at)wiwwo(dot)com> |
| Cc: | pgsql-general(at)lists(dot)postgresql(dot)org |
| Subject: | Re: Disallow execution of shell commands from psql |
| Date: | 2023-01-11 12:54:03 |
| Message-ID: | Y76xa0OKm7y5xZ0w@depesz.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Tue, Jan 10, 2023 at 07:01:24PM +0100, Wiwwo Staff wrote:
> Hi!
> Happy new (gregorian calendar) year!
>
> Somehow related to the proposal of having a `psql --idle` option, is there
> a way to disallow the command `\!` (and anything of the likes in psql?
>
> Sure, I can set the SHELL env var at run-time, but I still want to have
> postgres user to be a normal user, with its shell etc, which means it can
> change this SHELL setting somewhere.
As far as I know, it's not possible. Why is that a problem though?
\! will run command as the user that ran psql. So it's not a security
issue. What's the problem then?
Best regards,
depesz
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Fred Habash | 2023-01-11 13:59:38 | Autovacuum Hung Due to Bufferpin |
| Previous Message | Adrien Nayrat | 2023-01-11 10:26:00 | Re: PITR and instance without any activity |