On Sat, Apr 16, 2016 at 4:38 AM, <soufiane.boussali@efet.ac.ma> wrote:
> The following bug has been logged on the website:
>
> Bug reference: 14090
> Logged by: Soufiane Boussali
> Email address: soufiane.boussali@efet.ac.ma
> PostgreSQL version: 9.5.2
> Operating system: Mac Os
> Description:
> [...]
>
> Some installations of Postgres 8 and 9 are configured to allow
> loading external scripting languages.
> Most commonly this is Perl and Python. When enabled, command
> execution is possible on the host.
> To execute system commands, loading the "untrusted" version of the
> language is necessary.
> This requires a superuser. This is usually postgres. The execution
> should be platform-agnostic,
> and has been tested on OS X, Windows, and Linux.
>
> This module attempts to load Perl or Python to execute system
> commands. As this dynamically loads
> a scripting language to execute commands, it is not necessary to
> drop a file on the filesystem.
>
That's why they are "untrusted"...and if being superuser is a requirement
then it isn't really an exploit now, is it?
For reference PostgreSQL version numbering requires two digits separated by
a period. Version 8 and version 9 are incomplete identifiers as they lack
the second digit. All versions beginning with 8 are also no longer
supported.
I could not follow the code so my only real guide for complaint/intent is
the description which I've quoted.
David J.
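
An audit query for the condition discussed in this thread, added here as an example (it is not part of the original messages): it lists procedural languages marked untrusted, the functions written in them with their owners, and the roles holding superuser. It uses only the standard catalogs `pg_language`, `pg_proc`, `pg_namespace` and `pg_roles`; the output column aliases are my own.

```sql
-- Added example: inventory of untrusted procedural languages and their functions.
-- lanispl excludes the built-in internal/c/sql entries; lanpltrusted = false
-- marks languages (e.g. plperlu, plpythonu) that only superusers may use
-- to create functions.
SELECT l.lanname                   AS language_name,
       n.nspname                   AS schema_name,
       p.proname                   AS function_name,
       pg_get_userbyid(p.proowner) AS owner_name,
       p.prosecdef                 AS security_definer
FROM pg_language l
LEFT JOIN pg_proc p      ON p.prolang = l.oid
LEFT JOIN pg_namespace n ON n.oid = p.pronamespace
WHERE l.lanispl
  AND NOT l.lanpltrusted
ORDER BY l.lanname, n.nspname, p.proname;

-- Roles able to load an untrusted language or define functions in it.
SELECT rolname
FROM pg_roles
WHERE rolsuper
ORDER BY rolname;
```

A row with a NULL function name means the language is installed in that database but no function uses it yet.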