| From: | Michael Paquier <michael(at)paquier(dot)xyz> |
|---|---|
| To: | Gurjeet Singh <gurjeet(at)singh(dot)im> |
| Cc: | Postgres Hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Fwd: Unprivileged user can induce crash by using an SUSET param in PGOPTIONS |
| Date: | 2022-07-21 06:04:30 |
| Message-ID: | YtjsbtZFCaou6C/k@paquier.xyz |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Wed, Jul 20, 2022 at 07:31:47PM -0700, Gurjeet Singh wrote:
> Moving the report from security to -hackers on Noah's advice. Since
> the function(s) involved in the crash are not present in any of the
> released versions, it is not considered a security issue.
>
> I can confirm that this is reproducible on the latest commit on
> master, 3c0bcdbc66. Below is the original analysis, followed by Noah's
> analysis.
>
> To be able to reproduce it, please note that perl support is required;
> hence `./configure --with-perl`.
>
> The note about 'security concerns around on_plperl_init parameter',
> below, refers to now-fixed issue, at commit 13d8388151.
This ACL lookup still happens when pre-loading libraries at session
startup with custom GUCs, as this checks if the GUC can be changed by
the user connecting or not. I am adding an open item to track that.
--
Michael
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Pavel Stehule | 2022-07-21 06:16:19 | Re: Schema variables - new implementation for Postgres 15 |
| Previous Message | Japin Li | 2022-07-21 06:02:49 | Re: Memory leak fix in psql |