On Tue, Jul 26, 2016 at 9:52 AM, Dev Kumkar <devdas.kumkar@xxxxxxxxx> wrote:
On Tue, Jul 26, 2016 at 6:59 PM, David G. Johnston <david.g.johnston@xxxxxxxxx> wrote:Just thinking if untrusted language like plperlu is not installed then executing arbitrary commands is not possible.Typically this means that given user only having psql, or some other backend protocol only, connect to the database are they able to execute arbitrary commands as the user running the PostgreSQL process on the host system.Untrusted langauges are untrusted for specifically this reason. Without untrusted languages it requires privilege escalation to interact dynamically with the host operating system.Assuming raised privileges it is presently impossible to prevent such dynamic interaction.So the other possible which you did mention was COPY FROM PROGRAM command, is this understanding correct?Regards...
>COPY FROM PROGRAM
I think at this point it would be most beneficial if
1. You stated your version of PostgreSQL & O/S
2. Gave a comprehensive explanation of exactly what you are trying to do.
IOW, What exactly are you trying to prevent users from doing and why?
--
Melvin Davidson
I reserve the right to fantasize. Whether or not you
wish to share my fantasy is entirely up to you.![]()
I reserve the right to fantasize. Whether or not you
wish to share my fantasy is entirely up to you.
