public inbox for [email protected]
help / color / mirror / Atom feedFrom: Tom Lane <[email protected]>
To: Peter Eisentraut <[email protected]>
Cc: [email protected]
Subject: Re: Fast-Path documentation
Date: Thu, 06 Mar 2003 18:19:27 -0500
Message-ID: <[email protected]> (raw)
In-Reply-To: <[email protected]>
References: <[email protected]>
Peter Eisentraut <[email protected]> writes:
> The libpq documentation contains this:
> """
> <productname>PostgreSQL</productname> provides a fast-path interface to
> send function calls to the backend. This is a trapdoor into system
> internals and can be a potential security hole. Most users will not need
> this feature.
> """
> Why and under what circumstances is this a security hole, and what is a
> user to do about it?
The security problem is that the frontend feeds raw internal-format data
to the backend. While this is relatively harmless for datatypes with no
internal structure, it'd be pretty easy to crash the backend by feeding
in a misconstructed polygon, for example. There was some discussion of
this in pgsql-interfaces awhile back, see
http://archives.postgresql.org/pgsql-interfaces/2003-01/msg00000.php
There are a bunch of other problems with the fast-path protocol; see
comments in src/backend/tcop/fastpath.c. I consider redesigning it to
be one of the "must do" topics for the long-threatened protocol revision.
regards, tom lane
view thread (2+ messages)
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: [email protected]
Cc: [email protected], [email protected]
Subject: Re: Fast-Path documentation
In-Reply-To: <[email protected]>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox