Re: security_definer_search_path GUC

Pavel Stehule <pavel.stehule@gmail.com>

From: Pavel Stehule <pavel.stehule@gmail.com>
To: Marko Tiikkaja <marko@joh.to>
Cc: Joel Jacobson <joel@compiler.org>, PostgreSQL Hackers <pgsql-hackers@lists.postgresql.org>
Date: 2021-06-03T16:03:09Z
Lists: pgsql-hackers

Commits

Same data as JSON: GET /api/v1/messages/:b64id/commits the thread's linked commits as JSON, with link sources. API reference →
  1. Create a new GUC variable search_path to control the namespace search

čt 3. 6. 2021 v 17:54 odesílatel Marko Tiikkaja <marko@joh.to> napsal:

> On Thu, Jun 3, 2021 at 9:14 AM Joel Jacobson <joel@compiler.org> wrote:
>
>> On Thu, Jun 3, 2021, at 00:55, Marko Tiikkaja wrote:
>>
>> They still show up everywhere when looking at "public".  So this is only
>> slightly better, and a maintenance burden.
>>
>>
>> Good point. I find this annoying as well sometimes.
>>
>> It's easy to get a list of all objects for an extension, via \dx+
>>
>> But it's hard to see what objects in a schema, that are provided by
>> different extensions, via e.g. \df public.*
>>
>> What about adding a new "Extension" column next to "Schema" to the
>> relevant commands, such as \df?
>>
>
> That's just one part of it.  The other part of my original proposal was to
> avoid having to  SET search_path  for all SECURITY DEFINER functions.  I
> still think either being able to lock search_path or the separate prosecdef
> search_path is the best option here.
>

I agree so some possibility of locking search_path or possibility to
control who and when can change it can increase security. This should be a
core feature. It's maybe more generic issue - same functionality can be
required for work_mem setting, maybe max_paralel_workers_per_gather, and
other GUC

Regards

Pavel

>
>
> .m
>