Fast-Path documentation

Started by Peter Eisentraut, about 23 years ago, 2 messages, docs
#1 Peter Eisentraut
peter_e@gmx.net

The libpq documentation contains this:

"""
<productname>PostgreSQL</productname> provides a fast-path interface to
send function calls to the backend. This is a trapdoor into system
internals and can be a potential security hole. Most users will not need
this feature.
"""

Why and under what circumstances is this a security hole, and what is a
user to do about it?

--
Peter Eisentraut peter_e@gmx.net

#2 Tom Lane
tgl@sss.pgh.pa.us
In reply to: Peter Eisentraut (#1)
Re: Fast-Path documentation

Peter Eisentraut <peter_e@gmx.net> writes:

> The libpq documentation contains this:
> """
> <productname>PostgreSQL</productname> provides a fast-path interface to
> send function calls to the backend. This is a trapdoor into system
> internals and can be a potential security hole. Most users will not need
> this feature.
> """
> Why and under what circumstances is this a security hole, and what is a
> user to do about it?

The security problem is that the frontend feeds raw internal-format data
to the backend. While this is relatively harmless for datatypes with no
internal structure, it'd be pretty easy to crash the backend by feeding
in a misconstructed polygon, for example. There was some discussion of
this in pgsql-interfaces a while back, see
http://archives.postgresql.org/pgsql-interfaces/2003-01/msg00000.php

There are a bunch of other problems with the fast-path protocol; see
comments in src/backend/tcop/fastpath.c. I consider redesigning it to
be one of the "must do" topics for the long-threatened protocol revision.

regards, tom lane
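
Added example, not part of the original thread and not PostgreSQL source code: a receive routine that refuses a client-supplied polygon whose embedded point count disagrees with the bytes actually sent, which is the consistency check that raw internal-format input skips. The wire layout, `Point`, `polygon_recv`, `try_polygon` and `MAX_POINTS` are hypothetical names and assumptions chosen for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed, simplified layout for illustration (not PostgreSQL's real struct):
 * an int32 point count followed by that many (x, y) pairs of doubles. */
typedef struct { double x, y; } Point;

#define MAX_POINTS 1024            /* arbitrary cap chosen for this example */

/* Copy a client-supplied polygon into out[] only if the embedded count
 * agrees with the number of bytes actually received. Returns 0 or -1. */
int polygon_recv(const unsigned char *buf, size_t len,
                 Point *out, size_t out_cap, size_t *n_out)
{
    int32_t npts;
    if (len < sizeof npts)
        return -1;                              /* header truncated */
    memcpy(&npts, buf, sizeof npts);
    if (npts < 0 || npts > MAX_POINTS)
        return -1;                              /* negative or absurd count */
    if (sizeof npts + (size_t)npts * sizeof(Point) != len)
        return -1;                              /* count disagrees with length */
    if ((size_t)npts > out_cap)
        return -1;                              /* caller's buffer too small */
    memcpy(out, buf + sizeof npts, (size_t)npts * sizeof(Point));
    *n_out = (size_t)npts;
    return 0;
}

/* Constructed input: a message carrying actual_pts zeroed points whose
 * header claims claimed_npts. Returns the accepted count, or -1 if rejected. */
int try_polygon(int32_t claimed_npts, size_t actual_pts)
{
    unsigned char msg[sizeof(int32_t) + 8 * sizeof(Point)] = {0};
    Point out[8];
    size_t n = 0;
    if (actual_pts > 8)
        return -1;
    memcpy(msg, &claimed_npts, sizeof claimed_npts);
    if (polygon_recv(msg, sizeof(int32_t) + actual_pts * sizeof(Point), out, 8, &n))
        return -1;
    return (int)n;
}

int main(void)
{
    printf("honest: %d, inflated: %d\n", try_polygon(3, 3), try_polygon(1000, 3));
    return 0;
}
```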