David,
On Monday, October 6, 2014, David Fetter <
david@fetter.org> wrote:
On Mon, Oct 06, 2014 at 03:15:25PM -0400, Stephen Frost wrote:
> > As far as I can see, the previous code only looked up any given name
> > once. If you got a relation name, DoCopy() looked it up, and then
> > BeginCopy() references it only by the passed-down Relation descriptor;
> > if you got a query, DoCopy() ignores it, and then BeginCopy. All of
> > which is fine, at least AFAICS; if you think otherwise, that should be
> > reported to pgsql-security.
>
> Yeah, that's correct. I suppose there's some possible risk of things
> changing between when you parse the query and when it actually gets
> analyzed and rewritten, but that's not a security risk per-se..
I'm not sure I understand. If that change violates an access control,
it's a security risk /per se/, as you put it.
The case I was referring to doesn't violate an access control. I was merely pointing out that things can change between when the query is submitted by the user (or even later, during parse analysis) and when we actually resolve names to OIDs.
Thanks,
Stephen