Skip site navigation (1) Skip section navigation (2)

Re: Updated instrumentation patch

From: "Magnus Hagander" <mha(at)sollentuna(dot)net>
To: "Bruce Momjian" <pgman(at)candle(dot)pha(dot)pa(dot)us>
Cc: "Tom Lane" <tgl(at)sss(dot)pgh(dot)pa(dot)us>,"PostgreSQL-patches" <pgsql-patches(at)postgresql(dot)org>
Subject: Re: Updated instrumentation patch
Date: 2005-07-30 15:53:08
Message-ID: 6BCB9D8A16AC4241919521715F4D8BCE094635@algol.sollentuna.se (view raw or flat)
Thread:
Lists: pgsql-patches
> > > I think any secure solution is going to have to block all write 
> > > access to postgresql.conf, and that includes all the COPY 
> TO and all 
> > > the untrusted languages.
> > 
> > Exactly. But we won't get that for 8.1. So for now, we 
> block all write 
> > access through *new* functions, per the "let's at least not 
> add more 
> > security holes" rule.
> 
> As far as I know, the only new functionality the patch adds 
> _over_ copy is the ability to write nulls, and rename/unlink. 
>  Should we just throw an error when writing null bytes?

Um. Yes. This patch goes one step further and allows you to block the
writing of *any* file using these functions. The question is wether that
one step further is far enough..

//Magnus

Responses

pgsql-patches by date

Next:From: Bruce MomjianDate: 2005-07-30 15:58:06
Subject: Re: Updated instrumentation patch
Previous:From: Bruce MomjianDate: 2005-07-30 15:46:37
Subject: Re: Patch to mention cost-based delay in vacuum reference

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group