On Fri, 23 May 2025 at 14:48, jian he <jian.universal...@gmail.com> wrote: > when you mark it as IMMUTABLE, postgres think it's IMMUTABLE, but in this case > exploit_generated.exploit(i int) clearly is not an IMMUTABLE function. > > Only IMMUTABLE functions are allowed in generated expressions, > but you can still misuse it by wrongly tagging the function as IMMUTABLE.
Yeah, I'm quite aware that the pattern used in the example isn't what one *should* be doing. However, the problem with the exploit that it *could* be done this way. The loophole is this: - the generated virtual column can use a user-defined function - when running SELECT against that column by a superuser the function is called within the context of a superuser - this in turn allows the regular user to run any code within the context of superuser
