upstream/postgresql
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2026-02-15 00:33:54 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
postgresql/doc
History
Noah Misch 1d701d28a7 Prevent privilege escalation in explicit calls to PL validators. 
The primary role of PL validators is to be called implicitly during
CREATE FUNCTION, but they are also normal functions that a user can call
explicitly.  Add a permissions check to each validator to ensure that a
user cannot use explicit validator calls to achieve things he could not
otherwise achieve.  Back-patch to 8.4 (all supported versions).
Non-core procedural language extensions ought to make the same two-line
change to their own validators.

Andres Freund, reviewed by Tom Lane and Noah Misch.

Security: CVE-2014-0061
2014-02-17 09:33:33 -05:00
..
src Prevent privilege escalation in explicit calls to PL validators. 2014-02-17 09:33:33 -05:00
bug.template Stamp 9.2.6. 2013-12-02 16:00:18 -05:00
KNOWN_BUGS Remove extra newlines at end and beginning of files, add missing newlines 2010-08-19 05:57:36 +00:00
Makefile Add maintainer-check target 2011-03-28 22:56:52 +03:00
MISSING_FEATURES Remove extra newlines at end and beginning of files, add missing newlines 2010-08-19 05:57:36 +00:00
TODO Update URL. 2008-08-21 20:15:31 +00:00