Re: [Pljava-dev] Should creating a new base type require superuser status?

Поиск
Список
Период
Сортировка
От Thomas Hallgren
Тема Re: [Pljava-dev] Should creating a new base type require superuser status?
Дата
Msg-id 48937589.10304@tada.se
обсуждение исходный текст
Ответ на Re: Should creating a new base type require superuser status?  (Tom Lane <tgl@sss.pgh.pa.us>)
Ответы Re: Re: [Pljava-dev] Should creating a new base type require superuser status?
Список pgsql-hackers
Дерево обсуждения 
It seems perfectly safe to me too for the reason that Kris mentions.

Tom, could you please elaborate where you see a security hole?

Regards,
Thomas Hallgren

Tom Lane wrote:
> Kris Jurka <books@ejurka.com> writes:
>   
>> On Wed, 30 Jul 2008, Alvaro Herrera wrote:
>>     
>>> I do agree that creating base types should require a superuser though.
>>> It too seems dangerous just on principle, even if today there's no
>>> actual hole (that we already know of).
>>>       
>
>   
>> pl/java already allows non-superusers to create functions returning 
>> cstring and base types built off of these functions.
>>     
>
> So in other words, if pl/java is installed we have a security hole
> a mile wide.
>
>             regards, tom lane
> _______________________________________________
> Pljava-dev mailing list
> Pljava-dev@pgfoundry.org
> http://pgfoundry.org/mailman/listinfo/pljava-dev
>

В списке pgsql-hackers по дате отправления: