From: | Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com> |
---|---|
To: | Robert Haas <robertmhaas(at)gmail(dot)com> |
Cc: | Michael Paquier <michael(dot)paquier(at)gmail(dot)com>, PostgreSQL mailing lists <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: Forbid use of LF and CR characters in database and role names |
Date: | 2016-09-08 16:12:49 |
Message-ID: | a5f4d0bb-46ca-58ad-f990-66ed8e21c190@2ndquadrant.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On 9/6/16 1:42 PM, Robert Haas wrote:
> If we were talking about pathnames containing spaces, I would agree,
> but I've never heard of a legitimate pathname containing CR or LF. I
> can't see us losing much by refusing to allow such pathnames, except
> for security holes.
The flip side of that is that if we're doing a half-way job of only
prohibiting these characters in 67% of cases, then a new generation of
tools will be written on top of that with the assumption that these
characters cannot appear. But then those tools will be easy to break or
exploit because it's possible to sneak stuff in in creative ways. So
we're on the road to having an endless stream of "I can sneak in a CR/LF
character in here" bugs.
The current setup is more robust: We are prohibiting these characters
in specific locations where we know we can't handle them. But we don't
give any guarantees about anything else.
--
Peter Eisentraut http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
From | Date | Subject | |
---|---|---|---|
Next Message | Peter Eisentraut | 2016-09-08 16:19:39 | Re: ICU integration |
Previous Message | Peter Eisentraut | 2016-09-08 16:07:35 | Re: Re: [COMMITTERS] pgsql: Make initdb's suggested "pg_ctl start" command line more reliabl |