Message-ID: <6f2f938b-b3fb-4dd8-9dbf-e82624b53152@aklaver.com>
Date: Sun, 21 Apr 2024 17:47:22 -0700
Subject: Re: error in trigger creation
From: Adrian Klaver
To: Tom Lane
Cc: yudhi s, "David G. Johnston", pgsql-general
In-Reply-To: <2858912.1713734480@sss.pgh.pa.us>

On 4/21/24 14:21, Tom Lane wrote:
> Adrian Klaver writes:
>> On 4/21/24 11:20, yudhi s wrote:
>>> So in this case I was wondering if "event trigger" can cause any
>>> additional threat and thus there is no such privilege like "create
>>> trigger" exist in postgres and so it should be treated cautiously?
>
>> An event trigger runs as a superuser and executes a function that in
>> turn can do many things, you do the math on the threat level.
>
> As a trivial example: an event trigger could prevent the legitimate
> superuser(s) from doing anything at all in that database, just by
> blocking all their commands. This might not even require malicious
> intent, merely faulty coding --- but the opportunity for malicious
> intent is staggeringly large.

As an FYI to above:

https://www.postgresql.org/docs/current/sql-createeventtrigger.html

"Event triggers are disabled in single-user mode (see postgres). If an
erroneous event trigger disables the database so much that you can't
even drop the trigger, restart in single-user mode and you'll be able to
do that."

>
> regards, tom lane

--
Adrian Klaver
adrian.klaver@aklaver.com
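
Added example, not part of the original message or of the PostgreSQL documentation: a catalog query for reviewing which event triggers exist in a database, what they fire on and which function they run, followed by the disable/drop statements the quoted documentation refers to. The names example_schema.example_evt_fn and example_evt_trigger are placeholders.

```sql
-- Inventory of event triggers in the current database.
-- Event triggers are per-database objects, so run this in each database.
SELECT t.evtname                     AS trigger_name,
       t.evtevent                    AS event,
       CASE t.evtenabled
            WHEN 'O' THEN 'enabled (origin/local)'
            WHEN 'D' THEN 'disabled'
            WHEN 'R' THEN 'enabled (replica only)'
            WHEN 'A' THEN 'enabled (always)'
       END                           AS state,
       -- NULL evttags means the trigger is not filtered by command tag
       COALESCE(array_to_string(t.evttags, ', '), '<all commands>')
                                     AS command_tags,
       t.evtfoid::regprocedure       AS trigger_function,
       l.lanname                     AS func_language,
       p.prosecdef                   AS security_definer,
       pg_get_userbyid(t.evtowner)   AS trigger_owner,
       pg_get_userbyid(p.proowner)   AS function_owner
FROM   pg_event_trigger t
JOIN   pg_proc     p ON p.oid = t.evtfoid
JOIN   pg_language l ON l.oid = p.prolang
ORDER  BY t.evtevent, t.evtname;

-- Read the body of a function reported above (placeholder name).
SELECT pg_get_functiondef('example_schema.example_evt_fn()'::regprocedure);

-- Disable, then drop, a trigger that is faulty or unexpected (placeholder name).
-- If the trigger itself blocks these commands, run the DROP from a
-- single-user-mode session, where event triggers do not fire.
ALTER EVENT TRIGGER example_evt_trigger DISABLE;
DROP EVENT TRIGGER IF EXISTS example_evt_trigger;
```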