Re: Problem with accesing Oracle from plperlu functionwhen using remote pg client.

On Mon, Mar 16, 2009 at 08:50:36PM -0400, Tom Lane wrote:
> Heikki Linnakangas <heikki.linnakangas@enterprisedb.com> writes:
> > Hmm, I wonder if you could do something malicious with it.
>
> There are any number of scenarios where exposing the client command-line
> contents to other database users represents a security hole, quite
> independently of whether anything falls over depending on the line
> contents.  (I wonder whether there are any Oracle clients that accept
> a password on the command line, for instance.)

Note that you're talking about the whole command line, whereas oracle
apparently talks about the "program name" (argv[0]). Normally the
commandline in memory has NUL characters between the arguments, with
the part to the first NUL being the program name, like so:

# cat /proc/3793/cmdline |hexdump -C
00000000  2f 73 62 69 6e 2f 64 68  63 6c 69 65 6e 74 00 2d  |/sbin/dhclient.-|
00000010  31 00 2d 6c 66 00 2f 76  61 72 2f 6c 69 62 2f 64  |1.-lf./var/lib/d|            ^^          ^^

Whereas postgresql, in munging it's command line uses *spaces* between
each bit, meaning that anyone looking for the "program name" (argv[0])
is going to get the whole line. Example:

# cat /proc/4472/cmdline |hexdump -C
00000000  70 6f 73 74 67 72 65 73  3a 20 77 72 69 74 65 72  |postgres: writer|
00000010  20 70 72 6f 63 65 73 73  20 20 20 00 00 00 00 00  | process   .....|         ^^                       ^^ ^^

Maybe someone could check if replacing the first space with a NUL
works. It shouldn't effect the ps output.

Have a nice day,
--
Martijn van Oosterhout   <kleptog@svana.org>   http://svana.org/kleptog/
> Please line up in a tree and maintain the heap invariant while
> boarding. Thank you for flying nlogn airlines.