Quick Links

Re: pg_amcheck option to install extension

From:	Michael Paquier <michael(at)paquier(dot)xyz>
To:	Mark Dilger <mark(dot)dilger(at)enterprisedb(dot)com>
Cc:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Andrew Dunstan <andrew(at)dunslane(dot)net>, Alvaro Herrera <alvherre(at)alvh(dot)no-ip(dot)org>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject:	Re: pg_amcheck option to install extension
Date:	2021-04-20 04:22:20
Message-ID:	YH5W/GLiJtx+scJp@paquier.xyz
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

On Mon, Apr 19, 2021 at 08:39:06PM -0700, Mark Dilger wrote:
> This is a classic privilege escalation attack. Bob has one
> privilege, and uses it to get another.

Bob is a superuser, so it has all the privileges of the world for this
instance. In what is that different from BASE_BACKUP or just COPY
FROM PROGRAM?

I am not following your argument here.
--
Michael

In response to

Re: pg_amcheck option to install extension at 2021-04-20 03:39:06 from Mark Dilger

Responses

Re: pg_amcheck option to install extension at 2021-04-20 05:31:18 from Mark Dilger

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	vignesh C	2021-04-20 04:27:16	Re: locking [user] catalog tables vs 2pc vs logical rep
Previous Message	Mark Dilger	2021-04-20 03:39:06	Re: pg_amcheck option to install extension