
pgsql: Support explicit placement of the temporary-table schema within

From: tgl(at)postgresql(dot)org (Tom Lane)
To: pgsql-committers(at)postgresql(dot)org
Subject: pgsql: Support explicit placement of the temporary-table schema within
Date: 2007-04-20 02:38:46
Message-ID: 20070420023846.80F2F9FB4F3@postgresql.org
Lists: pgsql-committers
Log Message:
-----------
Support explicit placement of the temporary-table schema within search_path.
This is needed to allow a security-definer function to set a truly secure
value of search_path.  Without it, a malicious user can use temporary objects
to execute code with the privileges of the security-definer function.  Even
pushing the temp schema to the back of the search path is not quite good
enough, because a function or operator at the back of the path might still
capture control from one nearer the front due to having a more exact datatype
match.  Hence, disable searching the temp schema altogether for functions and
operators.

Security: CVE-2007-2138

Tags:
----
REL7_4_STABLE

Modified Files:
--------------
    pgsql/doc/src/sgml/ref:
        create_function.sgml (r1.53.2.1 -> r1.53.2.2)
        (http://developer.postgresql.org/cvsweb.cgi/pgsql/doc/src/sgml/ref/create_function.sgml.diff?r1=1.53.2.1&r2=1.53.2.2)
    pgsql/doc/src/sgml:
        release.sgml (r1.235.2.52 -> r1.235.2.53)
        (http://developer.postgresql.org/cvsweb.cgi/pgsql/doc/src/sgml/release.sgml.diff?r1=1.235.2.52&r2=1.235.2.53)
        runtime.sgml (r1.215.2.9 -> r1.215.2.10)
        (http://developer.postgresql.org/cvsweb.cgi/pgsql/doc/src/sgml/runtime.sgml.diff?r1=1.215.2.9&r2=1.215.2.10)
    pgsql/src/backend/catalog:
        namespace.c (r1.58 -> r1.58.2.1)
        (http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/catalog/namespace.c.diff?r1=1.58&r2=1.58.2.1)
    pgsql/src/test/regress/expected:
        temp.out (r1.9 -> r1.9.2.1)
        (http://developer.postgresql.org/cvsweb.cgi/pgsql/src/test/regress/expected/temp.out.diff?r1=1.9&r2=1.9.2.1)
    pgsql/src/test/regress/sql:
        temp.sql (r1.5 -> r1.5.4.1)
        (http://developer.postgresql.org/cvsweb.cgi/pgsql/src/test/regress/sql/temp.sql.diff?r1=1.5&r2=1.5.4.1)
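
The search_path placement described in the log message, as an added example that is not part of the commit or of the PostgreSQL sources: a security-definer function without a pinned path beside one that lists the temporary schema (`pg_temp`) explicitly and last, followed by a catalog query that flags functions still lacking such a setting. The `admin` schema, `accounts` table and both function names are hypothetical, and the `SET` clause of `CREATE FUNCTION`, `pg_proc.proconfig` and `unnest` are assumed from later PostgreSQL releases, not the 7.4 branch tagged here.

```sql
-- Constructed sample objects (hypothetical names).
CREATE SCHEMA admin;
CREATE TABLE admin.accounts (id integer PRIMARY KEY, balance numeric);

-- Weak: no search_path is pinned. The unqualified name "accounts" is
-- resolved through the caller's path, and when the temp schema is not
-- named in that path it is searched first for tables.
CREATE FUNCTION admin.check_balance_weak(acct integer) RETURNS numeric AS $$
BEGIN
    RETURN (SELECT balance FROM accounts WHERE id = acct);
END;
$$ LANGUAGE plpgsql SECURITY DEFINER;

-- Hardened: trusted schema first, temp schema explicitly placed last.
-- The temp schema is not searched for functions or operators at all,
-- so listing it last only affects table and type lookups.
CREATE FUNCTION admin.check_balance(acct integer) RETURNS numeric AS $$
BEGIN
    RETURN (SELECT balance FROM accounts WHERE id = acct);
END;
$$ LANGUAGE plpgsql SECURITY DEFINER
   SET search_path = admin, pg_temp;

-- Audit (heuristic): security-definer functions whose per-function
-- settings contain no search_path entry ending in pg_temp.
-- With the objects above, this lists admin.check_balance_weak.
SELECT n.nspname AS schema_name,
       p.proname AS func_name,
       (SELECT c FROM unnest(p.proconfig) AS c
         WHERE c LIKE 'search_path=%') AS search_path_setting
FROM pg_proc p
JOIN pg_namespace n ON n.oid = p.pronamespace
WHERE p.prosecdef
  AND NOT EXISTS (SELECT 1 FROM unnest(p.proconfig) AS c
                   WHERE c LIKE 'search_path=%pg_temp')
ORDER BY 1, 2;
```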
