Search Postgresql Archives

Re: PG16.1 security breach?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Friday, June 7, 2024, Zwettler Markus (OIZ) <Markus.Zwettler@xxxxxxxxxx> wrote:


grant usage on schema oiz to public;

 

The role is also able to execute the function even I revoke any execute privilege explicitly:

 

revoke execute on function oiz.f_set_dbowner (p_dbowner text, p_dbname text) from testuser;


You never typed “grant execute … to testuser” nor setup a default privilege for them, so there is nothing there to revoke.  As was noted, the combination of your explicit usage grant, and the default execute grant, given to the public pseudo-role, enables this.

 

There are also no default privileges on the schema:


You explicitly granted usage to the pseudo-role public…


It is doubtful we’d add a global setting to control this.    And it’s a hard sell changing such a pervasive default.  As most functions are security invoker, and many are side-effect free, the default does have merit.  If your function is neither undoing the default is something that should probably be done.

I could maybe see adding a new “revoke all default privileges from public” command.

David J.


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Postgresql Jobs]     [Postgresql Admin]     [Postgresql Performance]     [Linux Clusters]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Databases]     [Postgresql & PHP]     [Yosemite]

  Powered by Linux