Quick Links

Re: ALTER ROLE/DATABASE RESET ALL versus security

From:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To:	Alvaro Herrera <alvherre(at)commandprompt(dot)com>
Cc:	pgsql-hackers(at)postgresql(dot)org
Subject:	Re: ALTER ROLE/DATABASE RESET ALL versus security
Date:	2010-02-19 18:30:49
Message-ID:	6804.1266604249@sss.pgh.pa.us
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

Alvaro Herrera <alvherre(at)commandprompt(dot)com> writes:
> Tom Lane wrote:
>> It looks to me like the code in AlterSetting() will allow an ordinary
>> user to blow away all settings for himself. Even those that are for
>> SUSET variables and were presumably set for him by a superuser. Isn't
>> this a security hole? I would expect that an unprivileged user should
>> not be able to change such settings, not even to the extent of
>> reverting to the installation-wide default.

> Yes, it is, but this is not a new hole. This works just fine in 8.4
> too:

So I'd argue for changing it in 8.4 too.

regards, tom lane

In response to

Re: ALTER ROLE/DATABASE RESET ALL versus security at 2010-02-19 18:22:22 from Alvaro Herrera

Responses

Re: ALTER ROLE/DATABASE RESET ALL versus security at 2010-02-19 18:41:16 from Alvaro Herrera

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Robert Haas	2010-02-19 18:34:46	Re: PGXS: REGRESS_OPTS=--load-language=plpgsql
Previous Message	Alvaro Herrera	2010-02-19 18:22:22	Re: ALTER ROLE/DATABASE RESET ALL versus security