jian he <jian.universality@gmail.com> writes:
> The following Todo item seems already resolved in pg15.
> https://wiki.postgresql.org/wiki/Todo#Triggers
>> Tighten trigger permission checks
>> - Security leak with trigger functions?
>> <http://archives.postgresql.org/pgsql-hackers/2006-12/msg00564.php>
> But it seems to not appear in the pg15 release notes. (I searched for the
> keywords "trigger" and "function").
The case shown at the head of that thread was fixed more than a decade
ago, cf commit 891e6e7bf (CVE-2012-0866). However, the followup questions
discussed in the thread are still live: should there be a run-time not
only trigger-creation-time privilege check, and if so what should it
check exactly? And is a separate TRIGGER privilege even reasonable,
rather than just saying you must be table owner to create a trigger?
regards, tom lane