From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
---|---|
To: | Mark Dilger <hornschnorter(at)gmail(dot)com> |
Cc: | Isaac Morland <isaac(dot)morland(at)gmail(dot)com>, Robert Haas <robertmhaas(at)gmail(dot)com>, Noah Misch <noah(at)leadboat(dot)com>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: Facility for detecting insecure object naming |
Date: | 2018-08-08 15:11:30 |
Message-ID: | 32760.1533741090@sss.pgh.pa.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
Mark Dilger <hornschnorter(at)gmail(dot)com> writes:
> On Aug 8, 2018, at 7:47 AM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
>> The advantage of a function trust mechanism is that it'd provide
>> security against calling functions you didn't intend to without
>> any visible changes in normal application behavior. The security
>> team gave up on that approach because it seemed too complicated to
>> pursue as a secretly-developed security patch, but I still think
>> it's the right long-term answer.
> Do you have a WIP patch partially developed for this? If it is no
> longer secret, perhaps the rest of us could take a look?
Yeah, I do have a POC prototype, let me blow the dust off it ...
regards, tom lane
From | Date | Subject | |
---|---|---|---|
Next Message | Bossart, Nathan | 2018-08-08 15:38:57 | Re: Improve behavior of concurrent TRUNCATE |
Previous Message | Alvaro Herrera | 2018-08-08 15:02:39 | Re: Typo in doc or wrong EXCLUDE implementation |