Re: pg18: Virtual generated columns are not (yet) safe when superuser selects from them - Mailing list pgsql-hackers

From Matthias van de Meent
Subject Re: pg18: Virtual generated columns are not (yet) safe when superuser selects from them
Msg-id CAEze2WiZihoO8xFC131G1JbZo-Rkd2BrESZUsx1hSAuFTvNpMw@mail.gmail.com
In response to Re: pg18: Virtual generated columns are not (yet) safe when superuser selects from them  (Robert Haas <robertmhaas@gmail.com>)
Responses Re: pg18: Virtual generated columns are not (yet) safe when superuser selects from them
List pgsql-hackers
On Thu, 29 May 2025 at 15:44, Robert Haas <robertmhaas@gmail.com> wrote:
> But so far - apart from this feature - we
> have managed to avoid making it categorically unsafe for the superuser
> to run "SELECT * FROM table"

With CREATE RULE [0], a table owner can redefine what happens during
e.g. SELECT * FROM table. This also includes outputting alternative
data sources, or e.g. calling a user-defined SECURITY INVOKER
function.

PG18 still seems to have support for CREATE RULE, so virtual generated
columns don't create a completely new security issue (blind SELECT *
FROM user_defined_table was already insecure) but rather a new threat
vector to this privilege escalation.

Kind regards,

Matthias van de Meent
Neon (https://neon.tech)

[0] https://www.postgresql.org/docs/18/sql-createrule.html
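An audit query for the situation discussed above, added here as an example and not part of the original message: it lists relations owned by non-superuser roles that carry an ON SELECT rule or a virtual generated column, so a superuser can review them before reading from them. It assumes the PostgreSQL 18 system catalogs, where `pg_attribute.attgenerated = 'v'` marks a virtual generated column and `pg_rewrite.ev_type = '1'` marks an ON SELECT rule.

```sql
-- Added example (not from the original post).
-- Lists relations where a plain "SELECT * FROM relation" evaluates
-- owner-defined expressions or rewrite rules, restricted to relations
-- whose owner is not a superuser.
SELECT c.oid::regclass      AS relation,
       c.relkind            AS relkind,          -- r = table, p = partitioned table, v = view, f = foreign table
       r.rolname            AS owner,
       rw.rulename          AS on_select_rule,   -- NULL when the relation has no ON SELECT rule
       vg.virtual_columns   AS virtual_columns   -- NULL when it has no virtual generated column
FROM pg_catalog.pg_class c
JOIN pg_catalog.pg_roles r
  ON r.oid = c.relowner
LEFT JOIN pg_catalog.pg_rewrite rw
  ON rw.ev_class = c.oid
 AND rw.ev_type = '1'                            -- '1' = SELECT event
LEFT JOIN LATERAL (
    SELECT array_agg(a.attname ORDER BY a.attnum) AS virtual_columns
    FROM pg_catalog.pg_attribute a
    WHERE a.attrelid = c.oid
      AND a.attnum > 0
      AND NOT a.attisdropped
      AND a.attgenerated = 'v'                   -- 'v' = virtual, 's' = stored
) vg ON true
WHERE NOT r.rolsuper
  AND c.relkind <> 'm'                           -- reading a materialized view returns stored rows
  AND (rw.oid IS NOT NULL OR vg.virtual_columns IS NOT NULL)
ORDER BY r.rolname, c.relname;
```

The catalogs are per-database, so the query has to be run in each database that a superuser session reads from.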


