Re: Addressing SECURITY DEFINER Function Vulnerabilities in PostgreSQL Extensions
Ashutosh Sharma <ashu.coek88@gmail.com>
From: Ashutosh Sharma <ashu.coek88@gmail.com>
To: John H <johnhyvr@gmail.com>
Cc: Alexander Kukushkin <cyberdemn@gmail.com>,
Jelte Fennema-Nio <postgres@jeltef.nl>, Jeff Davis <pgsql@j-davis.com>,
Ashutosh Bapat <ashutosh.bapat.oss@gmail.com>, pgsql-hackers <pgsql-hackers@postgresql.org>
Date: 2024-06-13T03:09:37Z
Lists: pgsql-hackers
Hi, On Wed, Jun 12, 2024 at 11:35 PM John H <johnhyvr@gmail.com> wrote: > > > But, I also agree with Jelte, it should be a property of a control file, rather than a user controlled parameter, so that an attacker can't opt out. > This will be addressed in the next patch version. > +1. Also curious what happens if an extension author has search_path > already set in proconfig for a function that doesn't match what's in > the control file. I'm guessing the function one should take > precedence. > Yes, if the author has explicitly set the proconfig, it will take precedence. -- With Regards, Ashutosh Sharma.