Pgsql-http - Revision history

Busk at 21:31, 28 August 2025

2025-08-28T21:31:05Z

Busk at 21:25, 28 August 2025

2025-08-28T21:25:56Z

Busk: Created page with "SELECT http_set_curlopt('CURLOPT_TIMEOUT', '20'); SELECT http_set_curlopt('CURLOPT_TCP_KEEPALIVE', '20');"

2024-02-25T21:07:50Z

Created page with "SELECT http_set_curlopt('CURLOPT_TIMEOUT', '20'); SELECT http_set_curlopt('CURLOPT_TCP_KEEPALIVE', '20');"

New page

SELECT http_set_curlopt('CURLOPT_TIMEOUT', '20');
SELECT http_set_curlopt('CURLOPT_TCP_KEEPALIVE', '20');

@@ Line 2: / Line 2: @@
 SELECT http_set_curlopt('CURLOPT_TCP_KEEPALIVE', '20');
 The http extension requires superuser permissions because it is not marked as a trusted extension and can perform operations that pose a significant security risk.
@@ Line 12: / Line 14: @@
   * Denial of Service (DoS): A user could make a large number of requests to a particular external server, potentially causing a DoS attack against it. Conversely, they could make requests to a slow-responding or nonexistent server, causing the database's worker processes to hang and impacting database performance.
 In general, any extension that allows the database to interact with the external world or perform actions outside of its core function (data storage and retrieval) is likely to require superuser privileges to ensure it is not used to compromise the system. The http extension's ability to make network requests falls squarely into this category.

← Older revision		Revision as of 21:25, 28 August 2025
Line 1:		Line 1:
	SELECT http_set_curlopt('CURLOPT_TIMEOUT', '20');		SELECT http_set_curlopt('CURLOPT_TIMEOUT', '20');
	SELECT http_set_curlopt('CURLOPT_TCP_KEEPALIVE', '20');		SELECT http_set_curlopt('CURLOPT_TCP_KEEPALIVE', '20');
		+
		+
		+	The http extension requires superuser permissions because it is not marked as a trusted extension and can perform operations that pose a significant security risk.
		+	The http extension allows a user to make outbound HTTP requests directly from the database, which is a powerful capability that could be abused.
		+	Security Ramifications
		+	Granting a non-superuser the ability to create and use the http extension can lead to several security vulnerabilities. The risks arise from the fact that a user could leverage this functionality for malicious purposes.
		+	* Data Exfiltration: A malicious user with access to the http extension could exfiltrate data from the database. For example, they could construct an HTTP request to send sensitive information to an external server they control.
		+	* Access to Internal Network: The http extension allows the PostgreSQL server to act as a client. This could be used to probe, scan, or attack other services on the internal network that the database server has access to.
		+	* Server-Side Request Forgery (SSRF): If a user can control the URL and headers of the HTTP request, they could exploit an SSRF vulnerability. This could allow them to make the database server act as a proxy to access other internal resources, potentially bypassing firewalls.
		+	* Denial of Service (DoS): A user could make a large number of requests to a particular external server, potentially causing a DoS attack against it. Conversely, they could make requests to a slow-responding or nonexistent server, causing the database's worker processes to hang and impacting database performance.
		+	In general, any extension that allows the database to interact with the external world or perform actions outside of its core function (data storage and retrieval) is likely to require superuser privileges to ensure it is not used to compromise the system. The http extension's ability to make network requests falls squarely into this category.