| From: | Bernd Helmle <mailings(at)oopsware(dot)de> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Alvaro Herrera <alvherre(at)commandprompt(dot)com> |
| Cc: | pgsql-hackers(at)postgreSQL(dot)org |
| Subject: | Re: ALTER ROLE/DATABASE RESET ALL versus security |
| Date: | 2009-11-14 02:01:43 |
| Message-ID: | 32EF579BD16943AB19FB2C74@amenophis |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
--On 13. November 2009 19:08:22 -0500 Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> It looks to me like the code in AlterSetting() will allow an ordinary
> user to blow away all settings for himself. Even those that are for
> SUSET variables and were presumably set for him by a superuser. Isn't
> this a security hole? I would expect that an unprivileged user should
> not be able to change such settings, not even to the extent of
> reverting to the installation-wide default.
I agree. A quick check shows that resetting or changing a single parameter
is not allowed, so this seems inconsistent anyways. Maybe AlterSetting()
should be more strict and pick only those settings, which are safe for
ordinary users to reset?
--
Thanks
Bernd
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andrew Dunstan | 2009-11-14 03:05:13 | Re: xpath_table equivalent |
| Previous Message | Andres Freund | 2009-11-14 00:39:45 | Re: tsearch parser inefficiency if text includes urls or emails - new version |