Re: Why are absolute paths considered a security risk?
| От | Hadley Willan |
|---|---|
| Тема | Re: Why are absolute paths considered a security risk? |
| Дата | |
| Msg-id | 1046221632.1595.3.camel@atlas.sol.deeper.co.nz обсуждение исходный текст |
| Ответ на | Re: Why are absolute paths considered a security risk? (Tom Lane <tgl@sss.pgh.pa.us>) |
| Список | pgsql-general |
Okay, this is fairly minor, and in our situation non-existant considering that the only user capable of creating databases is postgres. Thanks for your help. Hadley On Wed, 2003-02-26 at 13:31, Tom Lane wrote: > Hadley Willan <hadley.willan@deeperdesign.co.nz> writes: > > The documentation (7.2.1) mentions that allowing absolute paths when > > creating a db is a security risk and is off by default. > > However, it seems fairly hard to exploit, and I was wondering if anybody > > has any examples of how much of a risk this is? > > Reason I ask is we're considering turning them on in our server and want > > to consider these risks. > > The difficulty is that someone who is allowed to create databases (but > isn't necessarily a superuser) will be able to cause the backend to > scribble in any directory that the postgres user has write access to. > The potential damage is somewhat limited since "base/DBOID" gets tacked > onto the user-specified string, and the user has little if any control > over the DBOID part. Still, it's a risk. > > regards, tom lane -- Hadley Willan > Systems Development > Deeper Design Limited. +64(7)377-3328 hadley.willan@deeperdesign.co.nz > www.deeperdesign.com > +64(21)-28-41-463 Level 1, 4 Tamamutu St, PO Box 90, TAUPO 2730, New Zealand.
В списке pgsql-general по дате отправления: