Re: Securing "make check" (CVE-2014-0067)

From Stephen Frost
Subject Re: Securing "make check" (CVE-2014-0067)
Date
Msg-id 20140302223520.GY12995@tamriel.snowman.net
In response to Re: Securing "make check" (CVE-2014-0067)  (Josh Berkus <josh@agliodbs.com>)
List pgsql-hackers
* Josh Berkus (josh@agliodbs.com) wrote:
> The only way I can see this being of real use to an attacker is if they
> could use this exploit to create a wormed version of PostgreSQL on the
> target build system.  Is that possible?

I don't see why it wouldn't be- once the attacker is on the box as any
user, they could gain access to the account doing the builds and then
build whatever they want.  Of course, if they've been able to compromise
an account on the host it's entirely likely they've already been able to
gain admin access (probably more easily than going through PG to get at
the build user) and then it's a moot point.

All that said- if we can use named pipes on Windows, ala what we do on
Unix, I'm all for it..
Thanks,
    Stephen
