Re: Installing PostgreSQL as "postgress" versus "root" Debate!

From: Dawid Kuroczko
Subject: Re: Installing PostgreSQL as "postgress" versus "root" Debate!
Date:
Msg-id: 758d5e7f050113044119890a53@mail.gmail.com
In response to: Re: Installing PostgreSQL as "postgress" versus "root" Debate!  (Dick Davies <rasputnik@hellooperator.net>)
Responses: Re: Installing PostgreSQL as "postgress" versus "root"  (Scott Marlowe <smarlowe@g2switchworks.com>)
Re: Installing PostgreSQL as "postgress" versus "root" Debate!  (Dick Davies <rasputnik@hellooperator.net>)
List: pgsql-admin
On Thu, 13 Jan 2005 12:20:41 +0000, Dick Davies
<rasputnik@hellooperator.net> wrote:
> > But only if either setuid root or executed by root.  Hey, on my
> > system even /bin/sh is owned by root; it would be funny if it
> > executed as root
> C'mon folks, the guy obviously made a booboo - no need to rub his
> nose in it...

I apologize if it felt like it.  Anyway, I've been thinking about it a bit;
if pgsql files are owned by pgsql and some BAD user with too high
privileges (say, plperlU or other unrestricted access), she can modify
database files (like remove everything from data directory, etc.), and
it matters little if files are owned by root or postgres -- the database
data is owned by postgres.

However, if she is really BAD, she can prepare her own version of say,
psql binary (which will "invisibly" grant her access to all victims' tables
for instance) and overwrite PostgreSQL's original version with her own.

If the files are owned by root, she cannot do it (though she can try
making postgres suid shell binary in /tmp, etc. etc. etc.). :-)

   Regards,
       Dawid
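
An added example, not part of the original message or of PostgreSQL: a shell check for the ownership point made above, listing every path under an installation directory that a given service account could overwrite or replace. The function name `audit_writable` and its two arguments are assumptions, as is the account's primary group sharing the account's name; it relies on `ls -ld` printing owner and group names in fields 3 and 4.

```shell
#!/bin/sh
# Added example (hypothetical helper, not from the original thread).
# audit_writable DIR ACCOUNT
#   Prints "reason<TAB>path" for each path under DIR that ACCOUNT can modify.
audit_writable() {
    dir=$1
    svc=$2
    # DIR itself is included: write access to a directory allows renaming or
    # unlinking its entries even when the files inside are owned by root.
    # Symlinks are skipped because their own mode bits are not meaningful.
    find "$dir" ! -type l -print | while IFS= read -r path; do
        # ls -ld fields: mode, link count, owner, group, ...
        read -r mode links owner group rest <<EOF
$(ls -ld -- "$path")
EOF
        if [ "$owner" = "$svc" ]; then
            printf 'owned-by-%s\t%s\n' "$svc" "$path"
            continue
        fi
        # Assumption: the account's primary group has the same name as the
        # account (for example user postgres, group postgres).
        if [ "$group" = "$svc" ]; then
            case $mode in
                ?????w*) printf 'group-writable\t%s\n' "$path"; continue ;;
            esac
        fi
        # Mode string position 9 is the write bit for "other".
        case $mode in
            ????????w*) printf 'world-writable\t%s\n' "$path" ;;
        esac
    done
}

# Stand-alone use: sh audit.sh <install-dir> <service-account>
if [ "$#" -eq 2 ]; then
    audit_writable "$1" "$2"
fi
```

An empty result means the account cannot replace anything under that directory through ordinary file permissions; the data directory is expected to show up as owned by the account and is not what this check is for.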
