Re: How to stop script executions

From John McKown
Subject Re: How to stop script executions
Date
Msg-id CAAJSdjiAc3FC8qhVSzqytEQyGTHiFBgFNy2Efw8-Kx=sPBH4Ng@mail.gmail.com
In reply to Re: How to stop script executions  (Melvin Davidson <melvin6925@gmail.com>)
Responses Re: How to stop script executions  (Dev Kumkar <devdas.kumkar@gmail.com>)
List pgsql-general
On Tue, Jul 26, 2016 at 9:05 AM, Melvin Davidson <melvin6925@gmail.com> wrote:


On Tue, Jul 26, 2016 at 9:52 AM, Dev Kumkar <devdas.kumkar@gmail.com> wrote:
On Tue, Jul 26, 2016 at 6:59 PM, David G. Johnston <david.g.johnston@gmail.com> wrote:
Typically this means: given a user having only a psql, or some other backend-protocol-only, connection to the database, are they able to execute arbitrary commands as the user running the PostgreSQL process on the host system?

Untrusted languages are untrusted for specifically this reason.  Without untrusted languages it requires privilege escalation to interact dynamically with the host operating system.

Assuming raised privileges it is presently impossible to prevent such dynamic interaction.

Just thinking: if an untrusted language like plperlu is not installed, then executing arbitrary commands is not possible.
So the other possibility which you did mention was the COPY FROM PROGRAM command; is this understanding correct?

Regards...

>COPY FROM PROGRAM

I think at this point it would be most beneficial if
1. You stated your version of PostgreSQL & O/S
2. Gave a comprehensive explanation of exactly what you are trying to do.
   IOW, What exactly are you trying to prevent users from doing and why?

I agree. From my reading at: https://www.postgresql.org/docs/9.5/static/sql-copy.html the COPY FROM PROGRAM is only available to a PostgreSQL user who is database superuser. That, sort of, implies to me that said user is trusted not to do "evil", but abide by the restrictions placed upon him/her/it. In some strange reality where this is not the case, and I was running on Linux, I would use SELinux in enforcing mode to really restrict what the id under which the server is running could do. That is, a "don't allow unless explicitly allowed" type policy. Or I'd "sandbox" the PostgreSQL server code using something like Docker, or in a virtual machine with little access to other services.


 


--
Melvin Davidson
I reserve the right to fantasize.  Whether or not you
wish to share my fantasy is entirely up to you.




--
Klein bottle for rent -- inquire within.

Maranatha! <><
John McKown
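
An added example, not part of the original message or of the PostgreSQL project: catalog queries for auditing the two routes to the host discussed in this thread, namely superuser roles (the only ones allowed COPY ... PROGRAM per the 9.5 documentation cited above) and untrusted procedural languages such as plperlu. It uses only the standard system catalogs; the column aliases are illustrative, and it should be run in each database by a superuser.

```sql
-- 1. Roles that can run COPY ... FROM/TO PROGRAM: superusers only.
--    Every row here is a role that must be trusted with the server's OS account.
SELECT rolname, rolcanlogin
FROM pg_roles
WHERE rolsuper
ORDER BY rolname;

-- 2. Untrusted procedural languages installed in the current database.
--    lanispl excludes the built-in "internal" and "c" entries.
SELECT l.lanname AS language_name, r.rolname AS language_owner
FROM pg_language l
JOIN pg_roles r ON r.oid = l.lanowner
WHERE l.lanispl
  AND NOT l.lanpltrusted
ORDER BY l.lanname;

-- 3. Functions written in an untrusted language that a NON-superuser role
--    is allowed to execute. Creating such a function requires superuser,
--    but EXECUTE is granted to PUBLIC by default, so this is how ordinary
--    users can end up reaching host-level code.
SELECT n.nspname  AS schema_name,
       p.proname  AS function_name,
       l.lanname  AS language_name,
       p.prosecdef AS security_definer,
       g.rolname  AS role_with_execute
FROM pg_proc p
JOIN pg_language  l ON l.oid = p.prolang
JOIN pg_namespace n ON n.oid = p.pronamespace
CROSS JOIN pg_roles g
WHERE l.lanispl
  AND NOT l.lanpltrusted
  AND NOT g.rolsuper
  AND has_function_privilege(g.oid, p.oid, 'EXECUTE')
ORDER BY schema_name, function_name, role_with_execute;
```

An empty result from queries 2 and 3, together with a short list from query 1, matches the situation described in the thread, where host interaction requires a superuser.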
