Quick Links

Re: let's make the list of reportable GUCs configurable (was Re: Add %r substitution for psql prompts to show recovery status)

From:	Dave Cramer <pg(at)fastcrypt(dot)com>
To:	Robert Haas <robertmhaas(at)gmail(dot)com>
Cc:	Craig Ringer <craig(at)2ndquadrant(dot)com>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, "Joshua D(dot) Drake" <jd(at)commandprompt(dot)com>, Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com>, Tatsuo Ishii <ishii(at)sraoss(dot)co(dot)jp>, Ian Barwick <ian(dot)barwick(at)2ndquadrant(dot)com>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org>
Subject:	Re: let's make the list of reportable GUCs configurable (was Re: Add %r substitution for psql prompts to show recovery status)
Date:	2019-07-11 18:28:49
Message-ID:	CADK3HHLdqFkuOeZ_+04OU6+q9p=4B4X8hNQheeVmfSd+b08opQ@mail.gmail.com
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

On Wed, 10 Jul 2019 at 16:22, Robert Haas <robertmhaas(at)gmail(dot)com> wrote:

> On Wed, Jul 10, 2019 at 9:59 AM Dave Cramer <pg(at)fastcrypt(dot)com> wrote:
> > I'm still a bit conflicted about what to do with search_path as I do
> believe this is potentially a security issue.
> > It may be that we always want to report that and possibly back patch it.
>
> I don't see that as a feasible option unless we make the logic that
> does the reporting smarter. If it changes transiently inside of a
> security-definer function, and then changes back, my recollection is
> that right now we would report both changes. I think that could cause
> a serious efficiency problem if you are calling such a function in a
> loop.
>

Not being intimately familiar with the backend the implications of above
just struck home.

So if I understand this correctly if user bob has altered his search path
and there is a security-definer function called owned by him then
the search path will be changed for the duration of the function and
reported for every iteration? The implications of this are "interesting" to
say the least.

Dave Cramer

davec(at)postgresintl(dot)com
www.postgresintl.com

>
>

In response to

Re: let's make the list of reportable GUCs configurable (was Re: Add %r substitution for psql prompts to show recovery status) at 2019-07-10 20:21:46 from Robert Haas

Responses

Re: let's make the list of reportable GUCs configurable (was Re: Add %r substitution for psql prompts to show recovery status) at 2019-07-11 19:06:52 from Robert Haas

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Andrew Dunstan	2019-07-11 18:54:42	Re: buildfarm's typedefs list has gone completely nutso
Previous Message	Peter Geoghegan	2019-07-11 18:19:46	Re: [HACKERS] [WIP] Effective storage of duplicates in B-tree index.