From: | Dave Cramer <pg(at)fastcrypt(dot)com> |
---|---|
To: | Robert Haas <robertmhaas(at)gmail(dot)com> |
Cc: | Craig Ringer <craig(at)2ndquadrant(dot)com>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, "Joshua D(dot) Drake" <jd(at)commandprompt(dot)com>, Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com>, Tatsuo Ishii <ishii(at)sraoss(dot)co(dot)jp>, Ian Barwick <ian(dot)barwick(at)2ndquadrant(dot)com>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: let's make the list of reportable GUCs configurable (was Re: Add %r substitution for psql prompts to show recovery status) |
Date: | 2019-07-11 18:28:49 |
Message-ID: | CADK3HHLdqFkuOeZ_+04OU6+q9p=4B4X8hNQheeVmfSd+b08opQ@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On Wed, 10 Jul 2019 at 16:22, Robert Haas <robertmhaas(at)gmail(dot)com> wrote:
> On Wed, Jul 10, 2019 at 9:59 AM Dave Cramer <pg(at)fastcrypt(dot)com> wrote:
> > I'm still a bit conflicted about what to do with search_path as I do
> believe this is potentially a security issue.
> > It may be that we always want to report that and possibly back patch it.
>
> I don't see that as a feasible option unless we make the logic that
> does the reporting smarter. If it changes transiently inside of a
> security-definer function, and then changes back, my recollection is
> that right now we would report both changes. I think that could cause
> a serious efficiency problem if you are calling such a function in a
> loop.
>
Not being intimately familiar with the backend the implications of above
just struck home.
So if I understand this correctly if user bob has altered his search path
and there is a security-definer function called owned by him then
the search path will be changed for the duration of the function and
reported for every iteration? The implications of this are "interesting" to
say the least.
Dave Cramer
davec(at)postgresintl(dot)com
www.postgresintl.com
>
>
From | Date | Subject | |
---|---|---|---|
Next Message | Andrew Dunstan | 2019-07-11 18:54:42 | Re: buildfarm's typedefs list has gone completely nutso |
Previous Message | Peter Geoghegan | 2019-07-11 18:19:46 | Re: [HACKERS] [WIP] Effective storage of duplicates in B-tree index. |