public inbox for [email protected]  
help / color / mirror / Atom feed
Fast-Path documentation
2+ messages / 2 participants
[nested] [flat]

* Fast-Path documentation
@ 2003-03-05 17:13  Peter Eisentraut <[email protected]>
  0 siblings, 1 reply; 2+ messages in thread

From: Peter Eisentraut @ 2003-03-05 17:13 UTC (permalink / raw)
  To: pgsql-docs

The libpq documentation contains this:

"""
<productname>PostgreSQL</productname> provides a fast-path interface to
send function calls to the backend.  This is a trapdoor into system
internals and can be a potential security hole.  Most users will not need
this feature.
"""

Why and under what circumstances is this a security hole, and what is a
user to do about it?

-- 
Peter Eisentraut   [email protected]




^ permalink  raw  reply  [nested|flat] 2+ messages in thread

* Re: Fast-Path documentation
@ 2003-03-06 23:19  Tom Lane <[email protected]>
  parent: Peter Eisentraut <[email protected]>
  0 siblings, 0 replies; 2+ messages in thread

From: Tom Lane @ 2003-03-06 23:19 UTC (permalink / raw)
  To: Peter Eisentraut <[email protected]>; +Cc: pgsql-docs

Peter Eisentraut <[email protected]> writes:
> The libpq documentation contains this:
> """
> <productname>PostgreSQL</productname> provides a fast-path interface to
> send function calls to the backend.  This is a trapdoor into system
> internals and can be a potential security hole.  Most users will not need
> this feature.
> """
> Why and under what circumstances is this a security hole, and what is a
> user to do about it?

The security problem is that the frontend feeds raw internal-format data
to the backend.  While this is relatively harmless for datatypes with no
internal structure, it'd be pretty easy to crash the backend by feeding
in a misconstructed polygon, for example.  There was some discussion of
this in pgsql-interfaces awhile back, see
http://archives.postgresql.org/pgsql-interfaces/2003-01/msg00000.php

There are a bunch of other problems with the fast-path protocol; see
comments in src/backend/tcop/fastpath.c.  I consider redesigning it to
be one of the "must do" topics for the long-threatened protocol revision.

			regards, tom lane




^ permalink  raw  reply  [nested|flat] 2+ messages in thread


end of thread, other threads:[~2003-03-06 23:19 UTC | newest]

Thread overview: 2+ messages (download: mbox mbox.gz follow: Atom feed)
-- links below jump to the message on this page --
2003-03-05 17:13 Fast-Path documentation Peter Eisentraut <[email protected]>
2003-03-06 23:19 ` Tom Lane <[email protected]>

This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox