[HACKERS] Re: [Pljava-dev] Should creating a new base type require superuser status?

Thomas Hallgren Fri, 01 Aug 2008 14:00:49 -0700

It seems perfectly safe to me too for the reason that Kris mentions.


Tom, could you please elaborate where you see a security hole?

Regards,
Thomas Hallgren

Tom Lane wrote:

Kris Jurka <[EMAIL PROTECTED]> writes:

On Wed, 30 Jul 2008, Alvaro Herrera wrote:

I do agree that creating base types should require a superuser though.
It too seems dangerous just on principle, even if today there's no
actual hole (that we already know of).

pl/java already allows non-superusers to create functions returningcstring and base types built off of these functions.


So in other words, if pl/java is installed we have a security hole
a mile wide.

                        regards, tom lane
_______________________________________________
Pljava-dev mailing list
[EMAIL PROTECTED]
http://pgfoundry.org/mailman/listinfo/pljava-dev



--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

[HACKERS] Re: [Pljava-dev] Should creating a new base type require superuser status?

Reply via email to