
List:       postgresql-general
Subject:    Re: wiki.postgres Tighten trigger permission checks already resolve
From:       Tom Lane <tgl () sss ! pgh ! pa ! us>
Date:       2023-04-25 3:06:28
Message-ID: 603516.1682391988 () sss ! pgh ! pa ! us

jian he <jian.universality@gmail.com> writes:
> The following Todo item seems already resolved in pg15.
> https://wiki.postgresql.org/wiki/Todo#Triggers
>> Tighten trigger permission checks
>> - Security leak with trigger functions?
>> <http://archives.postgresql.org/pgsql-hackers/2006-12/msg00564.php>

> But it seems to not appear in the pg15 release notes. (I searched for the
> keywords "trigger" and "function").

The case shown at the head of that thread was fixed more than a decade
ago, cf commit 891e6e7bf (CVE-2012-0866).  However, the followup questions
discussed in the thread are still live: should there be a run-time not
only trigger-creation-time privilege check, and if so what should it
check exactly?  And is a separate TRIGGER privilege even reasonable,
rather than just saying you must be table owner to create a trigger?

			regards, tom lane
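
The reply above notes that the TRIGGER privilege is checked when a trigger is created, not when it fires. As an added example (not part of this thread or of PostgreSQL's own code), the two catalog queries a DBA can run to review that exposure: who holds TRIGGER on which tables, and which existing triggers call a function owned by someone other than the table owner. Only standard pg_catalog and information_schema objects are used; no table or role names are assumed.

```sql
-- 1. Roles that hold the TRIGGER privilege, i.e. can attach a trigger
--    to a table they do not own (the creation-time check the thread
--    discusses).  Owners are not listed here; they hold it implicitly.
SELECT grantee, table_schema, table_name, grantor
FROM information_schema.role_table_grants
WHERE privilege_type = 'TRIGGER'
ORDER BY table_schema, table_name, grantee;

-- 2. User-defined (non-internal) triggers whose function is owned by a
--    role other than the table owner.  These are the cases where no
--    run-time privilege check applies, so each one is worth reviewing;
--    prosecdef flags SECURITY DEFINER functions, which run as the
--    function owner rather than as the caller.
SELECT n.nspname        AS schema_name,
       c.relname        AS table_name,
       tbl_owner.rolname AS table_owner,
       t.tgname         AS trigger_name,
       p.proname        AS function_name,
       fn_owner.rolname AS function_owner,
       p.prosecdef      AS security_definer
FROM pg_catalog.pg_trigger t
JOIN pg_catalog.pg_class     c        ON c.oid = t.tgrelid
JOIN pg_catalog.pg_namespace n        ON n.oid = c.relnamespace
JOIN pg_catalog.pg_proc      p        ON p.oid = t.tgfoid
JOIN pg_catalog.pg_roles     tbl_owner ON tbl_owner.oid = c.relowner
JOIN pg_catalog.pg_roles     fn_owner  ON fn_owner.oid = p.proowner
WHERE NOT t.tgisinternal
  AND c.relowner <> p.proowner
ORDER BY schema_name, table_name, trigger_name;
```

Run both as a superuser or the table owners so the catalogs are fully visible; an empty result from the second query means every trigger function is owned by its table's owner.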

