Re: FW: [VulnWatch] [AppSecInc Advisory MYSQL05-V0003] Multiple Issues with MySQL User Defined Functions

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: "Magnus Hagander" <mha(at)sollentuna(dot)net>
Cc: "PostgreSQL-development" <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: FW: [VulnWatch] [AppSecInc Advisory MYSQL05-V0003] Multiple Issues with MySQL User Defined Functions
Date: 2005-08-09 14:58:56
Message-ID: 16136.1123599536@sss.pgh.pa.us
Lists: pgsql-hackers

"Magnus Hagander" <mha(at)sollentuna(dot)net> writes:
> FYI, issue (1) applies to postgresql as well. It's fixed by
> http://archives.postgresql.org/pgsql-patches/2005-07/msg00529.php.

Note that the equivalent exploit in Postgres would require superuser
privilege (since it requires creating a C function). It's a bit hard
to see it as a credible "security threat" since you already have the
keys to the kingdom if superuser.

I'm not totally certain about the security model in MySQL --- do they
have a distinction between trusted and untrusted function languages?
The document only talks about "insert privilege on mysql.func" which
sounds like a one-level design...

regards, tom lane
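The trusted/untrusted language distinction Tom refers to can be checked directly. The following psql session is an added example, not part of the original thread; it assumes a recent PostgreSQL, a superuser session, and made-up names for the role (lowpriv), the functions and the shared-object path. It shows that a trusted language (plpgsql) is usable by an ordinary role, while CREATE FUNCTION in C, the step the MySQL advisory relies on, is refused to anyone who is not already superuser.

```sql
-- Added example (not from the original message or the PostgreSQL project).
-- Run as a superuser in psql. Role name, function names and the .so path
-- are assumptions chosen for illustration.

-- Which languages are trusted? c is untrusted; plpgsql and sql are trusted.
SELECT lanname, lanpltrusted
  FROM pg_language
 ORDER BY lanname;

CREATE ROLE lowpriv LOGIN;                 -- ordinary, non-superuser role
GRANT CREATE ON SCHEMA public TO lowpriv;  -- needed on PG 15+ for CREATE in public

SET ROLE lowpriv;

-- Trusted language: any role with CREATE on the schema and USAGE on the
-- language (granted to PUBLIC by default for plpgsql) may do this.
CREATE FUNCTION add_one(i integer) RETURNS integer
  LANGUAGE plpgsql AS $$ BEGIN RETURN i + 1; END $$;

-- Untrusted language: the language permission check runs before the
-- library is even opened, so a non-superuser cannot load a shared object
-- this way. Expected: ERROR:  permission denied for language c
CREATE FUNCTION load_anything() RETURNS void
  LANGUAGE c AS '/tmp/anything.so', 'load_anything';

RESET ROLE;

-- Cleanup of the objects created above.
DROP FUNCTION add_one(integer);
DROP ROLE lowpriv;
```

The query against pg_language is the quick way to audit which languages an installation treats as trusted; any language with lanpltrusted = true is creatable by non-superusers who hold USAGE on it, so the list should contain only languages whose sandboxing you rely on.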
