Skip site navigation (1) Skip section navigation (2)

pgsql: Require execute permission on the trigger function for CREATETR

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: pgsql-committers(at)postgresql(dot)org
Subject: pgsql: Require execute permission on the trigger function for CREATETR
Date: 2012-02-23 23:04:47
Message-ID: E1S0hiQ-00088i-Vm@gemulon.postgresql.org (view raw or flat)
Thread:
Lists: pgsql-committers
Require execute permission on the trigger function for CREATE TRIGGER.

This check was overlooked when we added function execute permissions to the
system years ago.  For an ordinary trigger function it's not a big deal,
since trigger functions execute with the permissions of the table owner,
so they couldn't do anything the user issuing the CREATE TRIGGER couldn't
have done anyway.  However, if a trigger function is SECURITY DEFINER,
that is not the case.  The lack of checking would allow another user to
install it on his own table and then invoke it with, essentially, forged
input data; which the trigger function is unlikely to realize, so it might
do something undesirable, for instance insert false entries in an audit log
table.

Reported by Dinesh Kumar, patch by Robert Haas

Security: CVE-2012-0866

Branch
------
REL8_3_STABLE

Details
-------
http://git.postgresql.org/pg/commitdiff/d1b8b8fbea0b34907b9571d2f7506e2089adb011

Modified Files
--------------
doc/src/sgml/ref/create_trigger.sgml |    3 ++-
src/backend/commands/trigger.c       |    4 ++++
2 files changed, 6 insertions(+), 1 deletions(-)

pgsql-committers by date

Next:From: Andrew DunstanDate: 2012-02-24 04:45:20
Subject: pgsql: Correctly handle NULLs in JSON output.
Previous:From: Tom LaneDate: 2012-02-23 23:04:46
Subject: pgsql: Stamp 9.1.3.

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group