Received: from localhost (unknown [200.46.204.183]) by postgresql.org (Postfix) with ESMTP id 8A73164FD2E for ; Fri, 1 Aug 2008 18:00:32 -0300 (ADT) Received: from postgresql.org ([200.46.204.86]) by localhost (mx1.hub.org [200.46.204.183]) (amavisd-maia, port 10024) with ESMTP id 06858-10 for ; Fri, 1 Aug 2008 18:00:26 -0300 (ADT) X-Greylist: delayed 00:16:27.701142 by SQLgrey-1.7.6 Received: from tada.se (1-1-2-48a.rny.sth.bostream.se [82.182.133.12]) by postgresql.org (Postfix) with ESMTP id 8B03564FCF5 for ; Fri, 1 Aug 2008 18:00:26 -0300 (ADT) Received: from [10.59.1.70] (unverified [88.131.27.66]) by tada.se (SurgeMail 3.9e) with ESMTP id 165599-1788151 for multiple; Fri, 01 Aug 2008 22:43:56 +0200 Message-ID: <48937589.10304@tada.se> Date: Fri, 01 Aug 2008 22:43:53 +0200 From: Thomas Hallgren User-Agent: Thunderbird 2.0.0.16 (Windows/20080708) MIME-Version: 1.0 To: Tom Lane CC: Kris Jurka , pljava-dev@pgfoundry.org, Alvaro Herrera , pgsql-hackers@postgreSQL.org Subject: Re: [Pljava-dev] Should creating a new base type require superuser status? References: <19715.1217447413@sss.pgh.pa.us> <20080730220753.GG3977@alvh.no-ip.org> <23846.1217539394@sss.pgh.pa.us> In-Reply-To: <23846.1217539394@sss.pgh.pa.us> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Originating-IP: 88.131.27.66 X-Authenticated-User: thomas@tada.se X-Virus-Scanned: Maia Mailguard 1.0.1 X-Spam-Status: No, hits=0.1 tagged_above=0 required=5 tests=RDNS_DYNAMIC=0.1 X-Spam-Level: X-Archive-Number: 200808/29 X-Sequence-Number: 121783 It seems perfectly safe to me too for the reason that Kris mentions. Tom, could you please elaborate where you see a security hole? Regards, Thomas Hallgren Tom Lane wrote: > Kris Jurka writes: > >> On Wed, 30 Jul 2008, Alvaro Herrera wrote: >> >>> I do agree that creating base types should require a superuser though. >>> It too seems dangerous just on principle, even if today there's no >>> actual hole (that we already know of). >>> > > >> pl/java already allows non-superusers to create functions returning >> cstring and base types built off of these functions. >> > > So in other words, if pl/java is installed we have a security hole > a mile wide. > > regards, tom lane > _______________________________________________ > Pljava-dev mailing list > Pljava-dev@pgfoundry.org > http://pgfoundry.org/mailman/listinfo/pljava-dev >