postgresql

mirror of https://git.postgresql.org/git/postgresql.git synced 2025-01-06 15:24:56 +08:00

History

Noah Misch 537cbd35c8 Prevent privilege escalation in explicit calls to PL validators. The primary role of PL validators is to be called implicitly during CREATE FUNCTION, but they are also normal functions that a user can call explicitly. Add a permissions check to each validator to ensure that a user cannot use explicit validator calls to achieve things he could not otherwise achieve. Back-patch to 8.4 (all supported versions). Non-core procedural language extensions ought to make the same two-line change to their own validators. Andres Freund, reviewed by Tom Lane and Noah Misch. Security: CVE-2014-0061		2014-02-17 09:33:31 -05:00
..
src	Prevent privilege escalation in explicit calls to PL validators.	2014-02-17 09:33:31 -05:00
bug.template	Stamp HEAD as 9.4devel.	2013-06-14 14:41:28 -04:00
KNOWN_BUGS
Makefile	Remove maintainer-check target, fold into normal build	2013-10-10 20:11:56 -04:00
MISSING_FEATURES
TODO