
PostgreSQL 9.0 arrives with many new features


Posted Sep 21, 2010 22:19 UTC (Tue) by jberkus (subscriber, #55561)
In reply to: PostgreSQL 9.0 arrives with many new features by flewellyn
Parent article: PostgreSQL 9.0 arrives with many new features

In order for the application to make DDL changes at runtime, the application role needs to have unrestricted permissions on at least some tables. This creates a security hole if the web application is compromised.

The alternative is SECURITY DEFINER functions. However, most web developers don't care much for stored procedures. And, like setuid bits on files, security definer functions are potentially dangerous if not completely locked down.

In either case, you've given someone a complex way of solving their problem which requires more than a bit of database knowledge. If that person is a web GUI developer who is Just Trying To Get The Job Done, they instead end up running the web app with superuser or database owner permissions. As, indeed, SugarCRM did (and maybe still does).


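The two settings the comment above contrasts, written out as an added example (this is not code from the thread, from SugarCRM or from the PostgreSQL project; the role, table and function names app_admin, app_role, attrs and add_attr_column are invented for illustration, and the script is assumed to be run by a DBA or superuser). The weak arrangement is the application connecting as the owner of its tables, so any runtime DDL is possible for an attacker who compromises the web app. The hardened arrangement gives the application a role with DML privileges only and wraps the one DDL operation it legitimately needs in a SECURITY DEFINER function that is locked down in the ways a setuid binary would be: input is validated before use, the search_path is pinned so the caller cannot shadow objects, and EXECUTE is revoked from PUBLIC. quote_ident is used rather than format('%I') so the example also applies to 9.0.

```sql
-- Weak setting (what the comment warns against): the web application logs in
-- as the role that owns its tables, so a compromised app can ALTER or DROP
-- anything it likes.
--   CREATE ROLE webapp LOGIN PASSWORD '...';
--   SET ROLE webapp;
--   CREATE TABLE attrs (...);   -- owned by webapp

-- Hardened setting: a separate owner role and an unprivileged application role.
CREATE ROLE app_admin NOLOGIN;                       -- owns the schema objects
CREATE ROLE app_role  LOGIN PASSWORD 'change-me';    -- the web app connects as this

CREATE TABLE attrs (
    id    serial PRIMARY KEY,
    name  text   NOT NULL UNIQUE,
    value text
);
ALTER TABLE attrs OWNER TO app_admin;

-- The application role gets DML only; it has no right to run DDL on attrs.
REVOKE ALL ON TABLE attrs FROM PUBLIC;
GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE attrs TO app_role;
GRANT USAGE, SELECT ON SEQUENCE attrs_id_seq TO app_role;

-- The single privileged operation the app needs (adding an attribute column)
-- is wrapped in a SECURITY DEFINER function owned by app_admin. Because the
-- body runs with the owner's rights, it is treated like a setuid binary:
-- validate input, pin search_path, quote identifiers, restrict who may call it.
CREATE OR REPLACE FUNCTION add_attr_column(col_name text)
RETURNS void
LANGUAGE plpgsql
SECURITY DEFINER
SET search_path = pg_catalog, public      -- caller cannot shadow pg_catalog objects
AS $$
BEGIN
    -- Whitelist the identifier shape before it reaches DDL; unvalidated input
    -- here would be an escalation path from app_role to app_admin.
    IF col_name !~ '^[a-z][a-z0-9_]{0,30}$' THEN
        RAISE EXCEPTION 'invalid attribute name: %', col_name;
    END IF;

    -- quote_ident() produces a safely quoted identifier; never splice raw
    -- input into DDL by string concatenation.
    EXECUTE 'ALTER TABLE public.attrs ADD COLUMN '
            || quote_ident(col_name) || ' text';
END;
$$;
ALTER FUNCTION add_attr_column(text) OWNER TO app_admin;

-- New functions are executable by PUBLIC by default; take that back and
-- grant EXECUTE only to the application role.
REVOKE EXECUTE ON FUNCTION add_attr_column(text) FROM PUBLIC;
GRANT  EXECUTE ON FUNCTION add_attr_column(text) TO app_role;

-- Usage from the web app, connected as app_role:
--   SELECT add_attr_column('shoe_size');         -- succeeds, column added
--   SELECT add_attr_column('x; DROP TABLE attrs'); -- rejected by the whitelist
--   ALTER TABLE attrs DROP COLUMN shoe_size;      -- fails: app_role is not the owner
```

The check a reviewer would apply to any such function is the same one applied to a setuid program: who owns it, who may execute it, what it does with its arguments, and whether its environment (here search_path) is under the caller's control. A SECURITY DEFINER function that is missing any one of these four is the "not completely locked down" case the comment describes.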

PostgreSQL 9.0 arrives with many new features

Posted Sep 22, 2010 5:06 UTC (Wed) by flewellyn (subscriber, #5047)

Fair enough. I suppose if all you need is extensible attributes without integrity checks, runtime DDL is overkill as well.


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds