Re: Addressing SECURITY DEFINER Function Vulnerabilities in PostgreSQL Extensions
Robert Haas <robertmhaas@gmail.com>
From: Robert Haas <robertmhaas@gmail.com>
To: Ashutosh Sharma <ashu.coek88@gmail.com>
Cc: Jeff Davis <pgsql@j-davis.com>, John H <johnhyvr@gmail.com>, Alexander Kukushkin <cyberdemn@gmail.com>,
Jelte Fennema-Nio <postgres@jeltef.nl>, Ashutosh Bapat <ashutosh.bapat.oss@gmail.com>,
pgsql-hackers <pgsql-hackers@postgresql.org>
Date: 2024-07-16T16:09:51Z
Lists: pgsql-hackers
On Tue, Jul 16, 2024 at 1:55 AM Ashutosh Sharma <ashu.coek88@gmail.com> wrote: > Just to confirm, are you suggesting to remove the protected flag and > set the default search_path (as $extension_schema,) for all functions > within an extension where no explicit search_path is set? No, I'm not saying that. In fact I'm not sure we should have the protected flag at all. > In addition > to that, also allow users to explicitly set $extension_schema as the > search_path and bypass resolution of $extension_schema for objects > outside the extension? Yes, I'm saying that. -- Robert Haas EDB: http://www.enterprisedb.com