Quick Links

Re: We broke the defense against accessing other sessions' temp tables

From:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To:	Jim Jones <jim(dot)jones(at)uni-muenster(dot)de>
Cc:	"David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com>, Jelte Fennema-Nio <postgres(at)jeltef(dot)nl>, Bruce Momjian <bruce(at)momjian(dot)us>, pgsql-hackers(at)lists(dot)postgresql(dot)org
Subject:	Re: We broke the defense against accessing other sessions' temp tables
Date:	2025-10-04 17:38:55
Message-ID:	1527968.1759599535@sss.pgh.pa.us
Views:	Whole Thread \| Raw Message \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

Jim Jones <jim(dot)jones(at)uni-muenster(dot)de> writes:
> I also noticed that it is possible to LOCK a temp table from another
> session (as superuser).

Sure. Superusers bypass all SQL permissions checks.

> Doesn't it mean that one session can trivially DoS another session's
> private temp table?

Superusers can trivially DoS anybody anytime: lock their tables,
corrupt their data, whatever. That's a feature not a bug.

regards, tom lane

In response to

Re: We broke the defense against accessing other sessions' temp tables at 2025-09-22 08:14:04 from Jim Jones

Responses

Re: We broke the defense against accessing other sessions' temp tables at 2025-10-04 21:07:33 from Jim Jones

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Tom Lane	2025-10-04 17:47:53	Re: [PATCH] random_normal function
Previous Message	ls7777	2025-10-04 16:08:06	Patch for migration of the pg_commit_ts directory v2