subject:"pgsql\: Block environment variable mutations from trusted PL\/Perl."

pgsql: Block environment variable mutations from trusted PL/Perl.

2024-11-14 Thread Noah Misch

Block environment variable mutations from trusted PL/Perl. Many process environment variables (e.g. PATH), bypass the containment expected of a trusted PL. Hence, trusted PLs must not offer features that achieve setenv(). Otherwise, an attacker having USAGE privilege on the language often can ac

pgsql: Block environment variable mutations from trusted PL/Perl.

2024-11-14 Thread Noah Misch

Block environment variable mutations from trusted PL/Perl. Many process environment variables (e.g. PATH), bypass the containment expected of a trusted PL. Hence, trusted PLs must not offer features that achieve setenv(). Otherwise, an attacker having USAGE privilege on the language often can ac

pgsql: Block environment variable mutations from trusted PL/Perl.

2024-11-14 Thread Noah Misch

Block environment variable mutations from trusted PL/Perl. Many process environment variables (e.g. PATH), bypass the containment expected of a trusted PL. Hence, trusted PLs must not offer features that achieve setenv(). Otherwise, an attacker having USAGE privilege on the language often can ac

pgsql: Block environment variable mutations from trusted PL/Perl.

2024-11-14 Thread Noah Misch

Block environment variable mutations from trusted PL/Perl. Many process environment variables (e.g. PATH), bypass the containment expected of a trusted PL. Hence, trusted PLs must not offer features that achieve setenv(). Otherwise, an attacker having USAGE privilege on the language often can ac

pgsql: Block environment variable mutations from trusted PL/Perl.

2024-11-14 Thread Noah Misch

Block environment variable mutations from trusted PL/Perl. Many process environment variables (e.g. PATH), bypass the containment expected of a trusted PL. Hence, trusted PLs must not offer features that achieve setenv(). Otherwise, an attacker having USAGE privilege on the language often can ac

pgsql: Block environment variable mutations from trusted PL/Perl.

2024-11-14 Thread Noah Misch

Block environment variable mutations from trusted PL/Perl. Many process environment variables (e.g. PATH), bypass the containment expected of a trusted PL. Hence, trusted PLs must not offer features that achieve setenv(). Otherwise, an attacker having USAGE privilege on the language often can ac

pgsql: Block environment variable mutations from trusted PL/Perl.

2024-11-14 Thread Noah Misch

Block environment variable mutations from trusted PL/Perl. Many process environment variables (e.g. PATH), bypass the containment expected of a trusted PL. Hence, trusted PLs must not offer features that achieve setenv(). Otherwise, an attacker having USAGE privilege on the language often can ac

pgsql: Block environment variable mutations from trusted PL/Perl.

pgsql: Block environment variable mutations from trusted PL/Perl.

pgsql: Block environment variable mutations from trusted PL/Perl.

pgsql: Block environment variable mutations from trusted PL/Perl.

pgsql: Block environment variable mutations from trusted PL/Perl.

pgsql: Block environment variable mutations from trusted PL/Perl.

pgsql: Block environment variable mutations from trusted PL/Perl.

7 matches

Site Navigation

Mail list logo

Footer information