Re: pl/perl and security
| От | Jan Wieck |
|---|---|
| Тема | Re: pl/perl and security |
| Дата | |
| Msg-id | 200102081210.HAA03543@jupiter.greatbridge.com обсуждение исходный текст |
| Ответ на | pl/perl and security ("CMVV" <cmvilaverde@mail.telepac.pt>) |
| Список | pgsql-interfaces |
CMVV wrote: > Hi, > > I have discovered that in pl/perl we cannot make use of file handling. > The README file in ../pl/plperl give us an hint with an example of a > badfunc(). > What are the security reasons to do so, since with postgresql extensions > (functions) written in C language we can do anything with flat files ? > Can this security issue with pl/perl be overrided ? > If so, how can i hack it ? > It will be so nice to manage files from server-based functions written in > pl/perl. > Thanx The security issue is that PL/Perl is designed to be a trusted procedural language. Meaning, any unprivileged user can create functions in it. Having file access, which is done under the UNIX-userid running the postmaster process, any user could modify your pg_hba.conf ... The same applies for PL/Tcl, why there will be an untrusted PL/TclU in 7.1, where only DB superusers can define functions in it. I'm not a Perl guy, but AFAIK you can modify the command mask used for the perl interpreter in the PL handler. But be sure to restrict your patched version of PL/Perl to superusers, or accept that you created a big security hole. Jan -- #======================================================================# # It's easier to get forgiveness for being wrong than for being right. # # Let's break this rule - forgive me. # #================================================== JanWieck@Yahoo.com # _________________________________________________________ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com
В списке pgsql-interfaces по дате отправления: