Magnus Hagander wrote:
>>> How is this different from the fact that the superuser can
>>> already use COPY to accomplish the same thing?
>>
>> COPY can accomplish a few of the same things, much less
>> conveniently (for instance, it's darn hard to write an
>> arbitrary binary file through COPY).
>
> Right. But the *security* problem is more or less equal. If somebody
> hacks your superuser account, they can make at least almost the same
> amount of damage. It may take a little more work, but if you just want
> to kill the system by overwriting files, or overwriting say the password
> file, it's just as easy. And if what you want to do is stick some kind
> of executable on the system, you can just wrap it in a shell script that
> will unpack it.

It could be argued that there should be provision for a limitation on
the locations in which COPY can write (and maybe read) files.
If COPY is a security hole then we should close it, not use that as
precedent to open another hole.
cheers
andrew