Re: How to use _estrict or \unrestirct in python
| От | Adrian Klaver |
|---|---|
| Тема | Re: How to use _estrict or \unrestirct in python |
| Дата | |
| Msg-id | cedab53f-e2c2-4c59-a7ba-279dc0c02034@aklaver.com обсуждение исходный текст |
| Ответ на | How to use _estrict or \unrestirct in python (ma lz <ma100@hotmail.com>) |
| Список | pgsql-general |
On 9/15/25 00:16, ma lz wrote: > To fix CVE-2025-8714, PG introduce \restrict , but if we use python > ( like psycopg2), it does not support slash command. The backslash commands are specific to psql: https://www.postgresql.org/docs/current/app-psql.html Per the release notes: https://www.postgresql.org/docs/current/release-17-6.html " Since dump/restore operations typically involve running SQL commands as superuser, the target database installation must trust the source server. However, it does not follow that the operating system user who executes psql to perform the restore should have to trust the source server. The risk here is that an attacker who has gained superuser-level control over the source server might be able to cause it to emit text that would be interpreted as psql meta-commands. That would provide shell-level access to the restoring user's own account, independently of access to the target database. To provide a positive guarantee that this can't happen, extend psql with a \restrict command that prevents execution of further meta-commands, and teach pg_dump to issue that before any data coming from the source server. " psycopg2/psycopg uses the same underlying library, libpq, as psql but psycopg does not support backslash commands. Therefore is cannot execute them directly in the manner explained above. Python in general can execute them indirectly by using something like: subprocess.check_output() to execute psql -f some_text_dump_file. It would be up to you to verify what is in the the dump file. -- Adrian Klaver adrian.klaver@aklaver.com
В списке pgsql-general по дате отправления: