Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1uyA1m-004d0R-1f for pgsql-general@arkaria.postgresql.org; Mon, 15 Sep 2025 14:17:58 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.94.2) (envelope-from ) id 1uyA1j-00Bswn-KE for pgsql-general@arkaria.postgresql.org; Mon, 15 Sep 2025 14:17:56 +0000 Received: from makus.postgresql.org ([2001:4800:3e1:1::229]) by malur.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1uyA1i-00Bswe-OT for pgsql-general@lists.postgresql.org; Mon, 15 Sep 2025 14:17:56 +0000 Received: from fout-a3-smtp.messagingengine.com ([103.168.172.146]) by makus.postgresql.org with smtp (Exim 4.96) (envelope-from ) id 1uyA1h-000YOk-0G for pgsql-general@lists.postgresql.org; Mon, 15 Sep 2025 14:17:54 +0000 Received: from phl-compute-06.internal (phl-compute-06.internal [10.202.2.46]) by mailfout.phl.internal (Postfix) with ESMTP id 55FA2EC038B; Mon, 15 Sep 2025 10:17:52 -0400 (EDT) Received: from phl-mailfrontend-01 ([10.202.2.162]) by phl-compute-06.internal (MEProxy); Mon, 15 Sep 2025 10:17:52 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=aklaver.com; h= cc:content-transfer-encoding:content-type:content-type:date:date :from:from:in-reply-to:in-reply-to:message-id:mime-version :references:reply-to:subject:subject:to:to; s=fm3; t=1757945872; x=1758032272; bh=98LBnxLo6dd4OMiSdTnS7+qUQiut51Aryq/V4xxR9C4=; b= b+AGn+PsHv6n3JcHsFLtWLkZ0uuchz4YqpGN/cfmuDt+eov6wI1tM9+xCIGIlLLi eFZQUGN8+c8cNy/wV8fTpXBxgaH9i7tX8T/mAJqFAWTwYbQFULTvbI9ZtUsM7TYh bfHLtZ/bwFsSl88braB0PRnhuANhymqLXKfDr0rMF4yxGtFBkEH6xn2xYI5+902Y xU//Jikb/t3iZkE8FRlbbzg3VKGUC/K3VZwEstCUs706NQ6zTV2gFMZ4xUpajEEd hq2uUscn96nfooQ2jB82rRRPXnDd/+1IT1riKTHwXLXrywpoPxLT8xNEZTctZ3TP Qkh8brmS8qSBJ5LiOfUTKQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to:x-me-proxy:x-me-sender :x-me-sender:x-sasl-enc; s=fm1; t=1757945872; x=1758032272; bh=9 8LBnxLo6dd4OMiSdTnS7+qUQiut51Aryq/V4xxR9C4=; b=k6BD4qleJCoXucCXR xaB05t16W5kRwZRq2X6YUPylAb6bl+svZHSfod0f+mtYrICGhndt+xIgcQBk2bRf 0c4IWaDfeDGNJSNOrxNcR2qO8BUTOAL9DPpZ5BvGhKSBi1qWd8Wghw403RBsQfC1 MOSpiyIV1GHaeY5sEVozZdv02GDgr0hBwJH4IJyjV5Q60I1bPGsD9X5gDvn8rZZM e1MRFenByYowywJRLqDcfki0JGpspGS+n1ZCubkVN7K0ZyqWruCeN7c6GollxPs1 4xPb9U38JwVzoVavnElnJFV5TTV/NutfzXtLpTIDBHy565gGW/p9hVMupOWpVPTm FW6Lg== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeffedrtdeggdefjeeludcutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpuffrtefokffrpgfnqfghnecuuegr ihhlohhuthemuceftddtnecunecujfgurhepkfffgggfuffvfhfhjggtgfesthejredttd dvjeenucfhrhhomheptegurhhirghnucfmlhgrvhgvrhcuoegrughrihgrnhdrkhhlrghv vghrsegrkhhlrghvvghrrdgtohhmqeenucggtffrrghtthgvrhhnpeekfeehuddvjeeigf eifeejtdduudffledvfeelheeftdeiffeugfdvkeelgedtvdenucffohhmrghinhepphho shhtghhrvghsqhhlrdhorhhgnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpe hmrghilhhfrhhomheprggurhhirghnrdhklhgrvhgvrhesrghklhgrvhgvrhdrtghomhdp nhgspghrtghpthhtohepvddpmhhouggvpehsmhhtphhouhhtpdhrtghpthhtohepmhgrud dttdeshhhothhmrghilhdrtghomhdprhgtphhtthhopehpghhsqhhlqdhgvghnvghrrghl sehlihhsthhsrdhpohhsthhgrhgvshhqlhdrohhrgh X-ME-Proxy: Feedback-ID: i76984098:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Mon, 15 Sep 2025 10:17:51 -0400 (EDT) Message-ID: Date: Mon, 15 Sep 2025 07:17:50 -0700 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: How to use \restrict or \unrestirct in python To: ma lz , "pgsql-general@lists.postgresql.org" References: Content-Language: en-US From: Adrian Klaver In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk On 9/15/25 00:16, ma lz wrote: > To fix CVE-2025-8714, PG introduce \restrict , but if we use python > ( like psycopg2), it does not support slash command. The backslash commands are specific to psql: https://www.postgresql.org/docs/current/app-psql.html Per the release notes: https://www.postgresql.org/docs/current/release-17-6.html " Since dump/restore operations typically involve running SQL commands as superuser, the target database installation must trust the source server. However, it does not follow that the operating system user who executes psql to perform the restore should have to trust the source server. The risk here is that an attacker who has gained superuser-level control over the source server might be able to cause it to emit text that would be interpreted as psql meta-commands. That would provide shell-level access to the restoring user's own account, independently of access to the target database. To provide a positive guarantee that this can't happen, extend psql with a \restrict command that prevents execution of further meta-commands, and teach pg_dump to issue that before any data coming from the source server. " psycopg2/psycopg uses the same underlying library, libpq, as psql but psycopg does not support backslash commands. Therefore is cannot execute them directly in the manner explained above. Python in general can execute them indirectly by using something like: subprocess.check_output() to execute psql -f some_text_dump_file. It would be up to you to verify what is in the the dump file. -- Adrian Klaver adrian.klaver@aklaver.com