From: | Tomasz Ostrowski <tometzky(at)batory(dot)org(dot)pl> |
---|---|
To: | pgsql-general(at)postgresql(dot)org |
Subject: | Re: Advisory on possibly insecure security definer functions |
Date: | 2007-02-20 12:34:20 |
Message-ID: | 20070220123420.GB9773@batory.org.pl |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-announce pgsql-general |
On Wed, 14 Feb 2007, Peter Eisentraut wrote:
> By installing functions or operators with appropriate signatures in
> other schemas, users can then redirect any function or operator
> call in the function code to implementations of their choice
> [snip]
> The proper fix for this problem is to insert explicit SET search_path
> commands into each affected function to produce a known safe schema
> search path.
This fix is not enough in certain common configurations. I've sent a
proof of concept to security<at>postgresql.org, but I won't disclose
it before I'm allowed to by security team.
Regards
Tometzky
--
...although Eating Honey was a very good thing to do, there was a
moment just before you began to eat it which was better than when you
were...
Winnie the Pooh
From | Date | Subject | |
---|---|---|---|
Next Message | Selena Deckelmann | 2007-02-20 15:58:13 | Fwd: [ANNOUNCE] == PostgreSQL Weekly News - February 18 2007 == |
Previous Message | David Fetter | 2007-02-19 03:34:12 | == PostgreSQL Weekly News - February 18 2007 == |
From | Date | Subject | |
---|---|---|---|
Next Message | Merlin Moncure | 2007-02-20 14:30:08 | Re: boolean operator on interval producing strange results |
Previous Message | Gabriel Colina | 2007-02-20 11:59:53 | Re: QNX, RTOS y Postgres OT |