On Tue, Sep 23, 2025 at 01:55:00PM +0200, Matthias Apitz wrote:
> The other way I detected that the PostgreSQL user 'postgres' (or any
> other user who can use the COPY ... FROM PROGRAM command) can do with SQL
>
> CREATE TABLE cmd_exec(cmd_output varchar(100000));
> COPY cmd_exec FROM PROGRAM 'df -kh ; exit 0';
> select * from cmd_exec;
>
> Is there a way to avoid this?

Don't use superuser.
Don't allow logging as superuser from remote places.
Don't grant pg_execute_server_program to anyone.

Best regards,

depesz
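
The three recommendations in the reply can be checked against the system catalogs. The queries below are an added example, not part of the original thread; they assume PostgreSQL 11 or later and a superuser session (needed to read `pg_hba_file_rules`), and `app_user` is a hypothetical role name.

```sql
-- 1. Every role that can run COPY ... FROM PROGRAM: superusers, plus direct or
--    indirect members of pg_execute_server_program. pg_has_role() also returns
--    true for superusers, so rolsuper is shown separately.
SELECT r.rolname,
       r.rolsuper,
       r.rolcanlogin,
       pg_has_role(r.oid, 'pg_execute_server_program', 'MEMBER') AS has_exec_role
FROM pg_roles r
WHERE r.rolname <> 'pg_execute_server_program'
  AND (r.rolsuper
       OR pg_has_role(r.oid, 'pg_execute_server_program', 'MEMBER'))
ORDER BY r.rolsuper DESC, r.rolname;

-- 2. Direct grants of the predefined role, with who granted them.
SELECT m.member::regrole  AS member,
       m.grantor::regrole AS grantor,
       m.admin_option
FROM pg_auth_members m
WHERE m.roleid = 'pg_execute_server_program'::regrole;

-- 3. Non-local pg_hba.conf rules that a superuser name can match.
--    Rules naming a "+group" are not expanded here, and host rules for
--    loopback addresses are listed too, so review the address column.
SELECT h.line_number, h.type, h.database, h.user_name, h.address, h.auth_method
FROM pg_hba_file_rules h
WHERE h.type <> 'local'
  AND h.auth_method <> 'reject'
  AND h.error IS NULL
  AND (h.user_name && ARRAY['all']
       OR h.user_name && ARRAY(SELECT rolname::text
                               FROM pg_roles
                               WHERE rolsuper))
ORDER BY h.line_number;

-- 4. Remediation templates (app_user is a hypothetical role; uncomment to apply):
-- REVOKE pg_execute_server_program FROM app_user;
-- ALTER ROLE app_user NOSUPERUSER;
```

An empty result from query 2 and only the intended administrative roles in query 1 match the advice given; any row from query 3 that is not a loopback address is a path for remote superuser login.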