Re: [PATCH] Support % wildcard in extension upgrade filenames

From: Sandro Santilli <strk(at)kbt(dot)io>
To: Daniel Gustafsson <daniel(at)yesql(dot)se>
Cc: Laurenz Albe <laurenz(dot)albe(at)cybertec(dot)at>, Regina Obe <lr(at)pcorp(dot)us>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: [PATCH] Support % wildcard in extension upgrade filenames
Date: 2022-06-04 09:21:53
Message-ID: YpskMclOjra+0Jzn@c19
Lists: pgsql-hackers

On Sat, May 28, 2022 at 05:26:05PM +0200, Daniel Gustafsson wrote:
> > On 28 May 2022, at 16:50, Laurenz Albe <laurenz(dot)albe(at)cybertec(dot)at> wrote:
>
> > I don't think this idea is fundamentally wrong, but I have two worries:
> >
> > 1. It would be a good idea to make sure that there is not both
> > "extension--%--2.0.sql" and "extension--1.0--2.0.sql" present.
> > Otherwise the behavior might be indeterministic.
> >
> > 2. What if you have a "postgis--%--3.3.sql", and somebody tries to upgrade
> > their PostGIS 1.1 installation with it? Would that work?
> > Having a lower bound for a matching version might be a good idea,
> > although I have no idea how to do that.
>
> Following that reasoning, couldn't a rogue actor inject a fake file (perhaps
> bundled with another innocent looking extension) which takes precedence in
> wildcard matching?

I think whoever can write into the PostgreSQL extension folder will
be able to inject anything anyway....

--strk;
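
Added example, not part of the original message or of the patch under discussion: a small audit that flags the ambiguity raised in point 1 (a "%" upgrade script and an explicit one for the same target version) and checks who can write to the extension directory, which is the precondition raised in the reply. It assumes the `extension--FROM--TO.sql` naming with `%` as the proposed wildcard; the function names and the sample directory are constructed for illustration.

```python
import os
import stat
import tempfile


def find_wildcard_conflicts(filenames):
    """Map (extension, target) -> explicit source versions that coexist
    with a '%' upgrade script for the same target."""
    sources = {}
    for name in filenames:
        if not name.endswith(".sql"):
            continue
        parts = name[:-4].split("--")
        if len(parts) != 3:  # ext--version.sql is an install script, skip
            continue
        ext, src, dst = parts
        sources.setdefault((ext, dst), set()).add(src)
    return {key: sorted(srcs - {"%"})
            for key, srcs in sources.items()
            if "%" in srcs and len(srcs) > 1}


def loosely_writable(path):
    """True if group or other may write to path (mode bits only)."""
    return bool(os.stat(path).st_mode & (stat.S_IWGRP | stat.S_IWOTH))


def audit_extension_dir(ext_dir):
    """Report ambiguous wildcard targets and loose write permissions."""
    names = sorted(os.listdir(ext_dir))
    loose = [n for n in names if loosely_writable(os.path.join(ext_dir, n))]
    return {"conflicts": find_wildcard_conflicts(names),
            "dir_loosely_writable": loosely_writable(ext_dir),
            "loosely_writable_files": loose}


def demo():
    """Run the audit over a constructed directory (sample file names only)."""
    with tempfile.TemporaryDirectory() as d:
        for n in ("extension--2.0.sql", "extension--%--2.0.sql",
                  "extension--1.0--2.0.sql", "other--1.0--1.1.sql"):
            path = os.path.join(d, n)
            open(path, "w").close()
            os.chmod(path, 0o644)
        os.chmod(os.path.join(d, "other--1.0--1.1.sql"), 0o666)
        os.chmod(d, 0o755)
        return audit_extension_dir(d)


if __name__ == "__main__":
    print(demo())
```

On a real installation, pass the `extension` subdirectory of the path printed by `pg_config --sharedir` to `audit_extension_dir`.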
