public inbox for [email protected]
help / color / mirror / Atom feedFast-Path documentation
2+ messages / 2 participants
[nested] [flat]
* Fast-Path documentation
@ 2003-03-05 17:13 Peter Eisentraut <[email protected]>
2003-03-06 23:19 ` Re: Fast-Path documentation Tom Lane <[email protected]>
0 siblings, 1 reply; 2+ messages in thread
From: Peter Eisentraut @ 2003-03-05 17:13 UTC (permalink / raw)
To: pgsql-docs
The libpq documentation contains this:
"""
<productname>PostgreSQL</productname> provides a fast-path interface to
send function calls to the backend. This is a trapdoor into system
internals and can be a potential security hole. Most users will not need
this feature.
"""
Why and under what circumstances is this a security hole, and what is a
user to do about it?
--
Peter Eisentraut [email protected]
^ permalink raw reply [nested|flat] 2+ messages in thread
* Re: Fast-Path documentation
2003-03-05 17:13 Fast-Path documentation Peter Eisentraut <[email protected]>
@ 2003-03-06 23:19 ` Tom Lane <[email protected]>
0 siblings, 0 replies; 2+ messages in thread
From: Tom Lane @ 2003-03-06 23:19 UTC (permalink / raw)
To: Peter Eisentraut <[email protected]>; +Cc: pgsql-docs
Peter Eisentraut <[email protected]> writes:
> The libpq documentation contains this:
> """
> <productname>PostgreSQL</productname> provides a fast-path interface to
> send function calls to the backend. This is a trapdoor into system
> internals and can be a potential security hole. Most users will not need
> this feature.
> """
> Why and under what circumstances is this a security hole, and what is a
> user to do about it?
The security problem is that the frontend feeds raw internal-format data
to the backend. While this is relatively harmless for datatypes with no
internal structure, it'd be pretty easy to crash the backend by feeding
in a misconstructed polygon, for example. There was some discussion of
this in pgsql-interfaces awhile back, see
http://archives.postgresql.org/pgsql-interfaces/2003-01/msg00000.php
There are a bunch of other problems with the fast-path protocol; see
comments in src/backend/tcop/fastpath.c. I consider redesigning it to
be one of the "must do" topics for the long-threatened protocol revision.
regards, tom lane
^ permalink raw reply [nested|flat] 2+ messages in thread
end of thread, other threads:[~2003-03-06 23:19 UTC | newest]
Thread overview: 2+ messages (download: mbox mbox.gz follow: Atom feed)
-- links below jump to the message on this page --
2003-03-05 17:13 Fast-Path documentation Peter Eisentraut <[email protected]>
2003-03-06 23:19 ` Tom Lane <[email protected]>
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox