> On Nov 7, 2022, at 17:24, Jan Bilek <jan.bi...@eftlab.com.au> wrote: > Would there be any way to go around this? The typical configuration is to not permit the PostgreSQL superuser to log in remotely. The database can be managed by a different, non-superuser role, including schema migrations. > CREATE OR REPLACE LANGUAGE plpython3u; > HINT: Must be superuser to create this extension. The reason only a superuser can create this extension is the "u" at the end of the name: It is an untrusted PL that can bypass PostgreSQL's role system. If anyone could create functions in it, anyone could bypass roles.
- PCI:SSF - Safe SQL Query & operators filter Jan Bilek
- Re: PCI:SSF - Safe SQL Query & operators filter Christophe Pettus
- Re: PCI:SSF - Safe SQL Query & operators fi... Jan Bilek
- Re: PCI:SSF - Safe SQL Query & operator... Christophe Pettus
- Re: PCI:SSF - Safe SQL Query & oper... Jan Bilek
- Re: PCI:SSF - Safe SQL Query &... Laurenz Albe
- Re: PCI:SSF - Safe SQL Query &... Jan Bilek
- Re: PCI:SSF - Safe SQL Query & operators filter David G. Johnston
- Re: PCI:SSF - Safe SQL Query & operators filter Jeffrey Walton
- Re: PCI:SSF - Safe SQL Query & operators filter Laurenz Albe
- ERROR: unsupported Unicode escape sequence - in JSO... Jan Bilek
- Re: ERROR: unsupported Unicode escape sequence ... Laurenz Albe
