an induce postgres_fdw to
> read an
> > arbitrary file from the local filesystem?
>
> Yes, see my comments in the "Allow 'sslkey' and 'sslcert' in
> postgres_fdw user mappings" thread.
>
>
> Ugh, I misread your comment.
>
> You raise a sensible concern.
On Fri, 10 Jan 2020 at 06:16, Andrew Dunstan
wrote:
> On Fri, Jan 10, 2020 at 8:32 AM Tom Lane wrote:
> >
> > Andrew Dunstan writes:
> > > On Fri, Jan 10, 2020 at 1:21 AM Robert Haas
> wrote:
> > >> I share the concern about the security issue here. I can't testify to
> > >> whether
On Thu, 9 Jan 2020 at 22:38, Christoph Berg wrote:
> Re: Robert Haas 2020-01-09 nw+...@mail.gmail.com>
> > Does this mean that a non-superuser can induce postgres_fdw to read an
> > arbitrary file from the local filesystem?
>
> Yes, see my comments in the "
On Fri, Jan 10, 2020 at 8:32 AM Tom Lane wrote:
>
> Andrew Dunstan writes:
> > On Fri, Jan 10, 2020 at 1:21 AM Robert Haas wrote:
> >> I share the concern about the security issue here. I can't testify to
> >> whether Christoph's whole analysis is here, but as a general point,
> >>
Andrew Dunstan writes:
> On Fri, Jan 10, 2020 at 1:21 AM Robert Haas wrote:
>> I share the concern about the security issue here. I can't testify to
>> whether Christoph's whole analysis is here, but as a general point,
>> non-superusers can't be allowed to do things that cause the server to
>>
> On 9 Jan 2020, at 22:38, Andrew Dunstan
> wrote:
> I'm not (yet)
> convinced that there is any significant security threat here. This
> doesn't give the user or indeed any postgres code any access to the
> contents of these files. But if there is a consensus to restrict this
> I'll do it.
On Fri, Jan 10, 2020 at 1:21 AM Robert Haas wrote:
>
> On Thu, Jan 9, 2020 at 5:30 AM Christoph Berg wrote:
> > I have some concerns about security, though. It's true that the
> > sslcert/sslkey options can only be set/modified by superusers when
> > "password_required" is set. But when
On Thu, Jan 9, 2020 at 5:30 AM Christoph Berg wrote:
> I have some concerns about security, though. It's true that the
> sslcert/sslkey options can only be set/modified by superusers when
> "password_required" is set. But when password_required is not set, any
> user and create user mappings that
Re: Robert Haas 2020-01-09
> Does this mean that a non-superuser can induce postgres_fdw to read an
> arbitrary file from the local filesystem?
Yes, see my comments in the "Allow 'sslkey' and 'sslcert' in
postgres_fdw user mappings" thread.
Christoph
On Thu, Jan 9, 2020 at 3:11 AM Andrew Dunstan wrote:
> Allow 'sslkey' and 'sslcert' in postgres_fdw user mappings
>
> This allows different users to authenticate with different certificates.
>
> Author: Craig Ringer
>
> https://git.postgre
Re: To Andrew Dunstan 2020-01-09 <20200109103014.ga4...@msg.df7cb.de>
> I believe the options are still used in that case
> for creating connections, even when that means the remote server isn't
> set up for cert auth, which needs password_required=false to succeed.
They are indeed:
Re: To Andrew Dunstan 2020-01-09 <20200109103014.ga4...@msg.df7cb.de>
> sslcert/sslkey options can only be set/modified by superusers when
> "password_required" is set. But when password_required is not set, any
> user and create user mappings that reference arbitrary files on the
> server
Re: Andrew Dunstan 2019-11-01
> {"password_required", UserMappingRelationId, false},
> + /*
> + * Extra room for the user mapping copies of sslcert and
> sslkey. These
> + * are really libpq options but we repeat them here to allow
> them to
On Wed, Jan 8, 2020 at 7:36 PM Peter Eisentraut
wrote:
>
> On 2019-12-02 00:12, Andrew Dunstan wrote:
> > On 11/30/19 8:48 PM, Michael Paquier wrote:
> >> On Thu, Oct 31, 2019 at 07:54:41PM -0400, Andrew Dunstan wrote:
> >>> This patch achieves $SUBJECT and also provides some testing of the
> >>>
On 2019-12-02 00:12, Andrew Dunstan wrote:
On 11/30/19 8:48 PM, Michael Paquier wrote:
On Thu, Oct 31, 2019 at 07:54:41PM -0400, Andrew Dunstan wrote:
This patch achieves $SUBJECT and also provides some testing of the
sslpassword setting.
The patch does not apply anymore, so a rebase is
On 11/30/19 8:48 PM, Michael Paquier wrote:
> On Thu, Oct 31, 2019 at 07:54:41PM -0400, Andrew Dunstan wrote:
>> This patch achieves $SUBJECT and also provides some testing of the
>> sslpassword setting.
> The patch does not apply anymore, so a rebase is needed. As it has
> not been reviewed, I
On Thu, Oct 31, 2019 at 07:54:41PM -0400, Andrew Dunstan wrote:
> This patch achieves $SUBJECT and also provides some testing of the
> sslpassword setting.
The patch does not apply anymore, so a rebase is needed. As it has
not been reviewed, I am moving it to next CF, waiting on author.
--
This patch achieves $SUBJECT and also provides some testing of the
sslpassword setting.
cheers
andrew
--
Andrew Dunstan https://www.2ndQuadrant.com
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
diff --git