The bug in question involved the client sending an invalid database name.
A serious PostgreSQL security fix
Posted Apr 7, 2013 22:40 UTC (Sun) by hummassa (subscriber, #307)
Posted Apr 8, 2013 12:44 UTC (Mon) by tialaramex (subscriber, #21167)
So very likely you can connect to any TLS-supporting PostgreSQL server with proof that you're "A Badman <firstname.lastname@example.org>" and the server will go try to access the database to determine whether this "A Badman" person is authorized. With this particular bug, that's already too late.
In principle the server _could_ round up all the rules for authorization for all the databases, and then do early reject for connections that don't match, but that would be a lot of extra work to handle a slow path case, and (unless you know about this bug) there's no reason to approach it that way.
Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.