[Pgpool-hackers] query cache specification: possible security issue
Tatsuo Ishii
ishii at sraoss.co.jp
Tue Jun 21 22:11:12 UTC 2011
> Quote:
> "
> My proposal is using key md5(username+query_string+database_name) as
> cache key. One drawback is even if a table is accessable by user A and
> B, they cannot share the query cache.
>
> Comments?
> "
>
> What about search_path? The same query string can return different results depending on that. There might be other settings which do affect the query results or visibility (set/grant/revoke role). Maybe just document these limitations?
>
> For example I do have a database which contains multiple Django applications in different schemas, each containing auth_user table.
IMO because pgpool executes query in the same search_path, it's no
problem as long as the user does not change search_path dynamically.
If the user changes search_path dynamically, we could use
md5(username+search_path+query_string+database_name). Of course this
requires additional database inquire on search_path. Do we need this?
--
Tatsuo Ishii
SRA OSS, Inc. Japan
English: http://www.sraoss.co.jp/index_en.php
Japanese: http://www.sraoss.co.jp
More information about the Pgpool-hackers
mailing list