Re: [EXT]: Re: BUG #18604: Regression in PostgreSQL 16.4: pg_dump Prevents Essential System Table Modifications - Mailing list pgsql-bugs
| From | Basha |
|---|---|
| Subject | Re: [EXT]: Re: BUG #18604: Regression in PostgreSQL 16.4: pg_dump Prevents Essential System Table Modifications |
| Date | |
| Msg-id | GV1P194MB2356A3EF7A7014DA620B4C77D89F2@GV1P194MB2356.EURP194.PROD.OUTLOOK.COM Whole thread Raw |
| In response to | Re: [EXT]: Re: BUG #18604: Regression in PostgreSQL 16.4: pg_dump Prevents Essential System Table Modifications (Tom Lane <tgl@sss.pgh.pa.us>) |
| Responses |
Re: [EXT]: Re: BUG #18604: Regression in PostgreSQL 16.4: pg_dump Prevents Essential System Table Modifications
|
| List | pgsql-bugs |
Thank you for considering the RLS. Which would really help in solving.
All Iam looking is some kind of solution to the issue.
With regards to the roles , I have added the below into the view pg_catalog.pg_roles.
WHERE pg_has_role(CURRENT_USER, pg_authid.oid, 'member'::text) OR (pg_authid.rolname = ANY (ARRAY['postgres'::name);
This way, it will only show the roles they are member of. This makes sure it doesn't show other db roles.
Thank you,
Basha
Sent from Outlook for Android
From: Tom Lane <tgl@sss.pgh.pa.us>
Sent: Saturday, September 7, 2024 7:21:33 PM
To: Basha <Basha@maxcontact.com>
Cc: Christophe Pettus <xof@thebuild.com>; Joe Conway <mail@joeconway.com>; PostgreSQL Bug List <pgsql-bugs@lists.postgresql.org>
Subject: Re: [EXT]: Re: BUG #18604: Regression in PostgreSQL 16.4: pg_dump Prevents Essential System Table Modifications
Sent: Saturday, September 7, 2024 7:21:33 PM
To: Basha <Basha@maxcontact.com>
Cc: Christophe Pettus <xof@thebuild.com>; Joe Conway <mail@joeconway.com>; PostgreSQL Bug List <pgsql-bugs@lists.postgresql.org>
Subject: Re: [EXT]: Re: BUG #18604: Regression in PostgreSQL 16.4: pg_dump Prevents Essential System Table Modifications
Basha <Basha@maxcontact.com> writes:
> The fix in PG16.4, entirely prevents changes to pg_database, Is
> there any possibility of a more targeted approach.
If we allow pg_database to be replaced by a view, we have the same
hazard that the security patch means to fix: namely that the view
might be hostile, or even just that it might innocently lie to us
resulting in incorrect pg_dump output. I'm uninterested in poking
a hole in that security defense.
I don't think we've ended the discussion on whether to remove the
check that's preventing using RLS instead. But even if we choose
to do that, you're still depending on something that's not
supported and might break again in future. To be absolutely
clear: *nothing* you might use allow_system_table_mods to do
is considered supported for production purposes, and we will not
apologize for breaking it.
You really ought to think about how badly do you need to hide the
existence of other databases. It seems like a mighty low-priority
requirement from here, especially if you can't also hide the existence
of other roles.
regards, tom lane
> The fix in PG16.4, entirely prevents changes to pg_database, Is
> there any possibility of a more targeted approach.
If we allow pg_database to be replaced by a view, we have the same
hazard that the security patch means to fix: namely that the view
might be hostile, or even just that it might innocently lie to us
resulting in incorrect pg_dump output. I'm uninterested in poking
a hole in that security defense.
I don't think we've ended the discussion on whether to remove the
check that's preventing using RLS instead. But even if we choose
to do that, you're still depending on something that's not
supported and might break again in future. To be absolutely
clear: *nothing* you might use allow_system_table_mods to do
is considered supported for production purposes, and we will not
apologize for breaking it.
You really ought to think about how badly do you need to hide the
existence of other databases. It seems like a mighty low-priority
requirement from here, especially if you can't also hide the existence
of other roles.
regards, tom lane
pgsql-bugs by date: