Re: Feature Request on Extensions

From: Bruce Momjian
Subject: Re: Feature Request on Extensions
Date:
Msg-id: 20130819161543.GB9087@momjian.us
In response to: Re: Feature Request on Extensions  (Dimitri Fontaine <dimitri@2ndQuadrant.fr>)
Responses: Re: Feature Request on Extensions
List: pgsql-hackers

On Mon, Aug 19, 2013 at 11:34:47AM +0200, Dimitri Fontaine wrote:
> Dave Page <dpage@pgadmin.org> writes:
> > If you find a hole in the boat, the preferred option is to fix it, not
> > to say "meh, well another won't hurt".
> 
> My understanding is that there's no way to fix it. If you're superuser
> you have the keys to the kingdom. That's it.
> 
> And that's why it's very important that as many as possible of our
> feature set works without requiring superuser.

That's pretty vague.  Exactly what does "keys to the kingdom" mean?  If
it means you can do anything to the database, you are right.  If it
means executing arbitrary code, including arbitrary kernel calls, I
would like to hear how that is done.   

Was writing into the postgres user's .profile and waiting for them to
log in what you were thinking of?  You could also create a binary in
their home directory and have .profile run it.  (I thought this was a
particularly creative exploit.)

-- 
  Bruce Momjian  <bruce@momjian.us>        http://momjian.us
  EnterpriseDB                             http://enterprisedb.com

  + It's impossible for everything to be true. +