In response to news coverage of the CVE-2019-9193 report, the PostgreSQL developers have published a rebuttal. Some analysts presented CVE-2019-9193 as a critical, remotely exploitable problem that, in the default configuration, lets an attacker execute arbitrary code with the privileges of the OS user the DBMS runs as by manipulating the COPY TO / FROM PROGRAM construct. According to the developers, these claims do not hold: the problem as described is contrived, CVE-2019-9193 is not a vulnerability, and the identifier was assigned in error.
We encourage all users of PostgreSQL to follow the best practice that is to never grant superuser access to remote or otherwise untrusted users. This is a standard security operating procedure that is followed in system administration and extends to database administration as well.
"COPY TO / FROM PROGRAM" is documented, intentional functionality that is available only to a superuser or to a role that has been explicitly granted membership in the predefined role "pg_execute_server_program". Contrary to claims in some publications, the predefined roles pg_read_server_files and pg_write_server_files (which only allow COPY to read from or write to server-side files) do not grant the right to run COPY ... PROGRAM. Ordinary database users therefore cannot launch external programs through "COPY TO / FROM PROGRAM", and an administrator has nothing to "break into": a PostgreSQL superuser already acts with the authority of the OS user under which the server runs, so executing a program via COPY grants no privilege the administrator did not already have.
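The permission boundary described above can be checked directly. The following session is an added example, not part of the PostgreSQL statement; it assumes PostgreSQL 11 or later (where the pg_execute_server_program and pg_read_server_files roles exist), a Linux host where /etc/hostname is readable by the postgres OS user, and is run in psql as a superuser. The role name app_reader is hypothetical.

```sql
-- Added example (not from the PostgreSQL statement): show that
-- pg_read_server_files does NOT allow COPY ... PROGRAM, and that only
-- pg_execute_server_program or superuser does. Run as a superuser in psql.
CREATE ROLE app_reader LOGIN PASSWORD 'example-only';   -- hypothetical role
GRANT pg_read_server_files TO app_reader;

-- Act as the unprivileged role. A TEMP table is used so app_reader owns it
-- and has INSERT rights without any extra grants.
SET ROLE app_reader;
CREATE TEMP TABLE t (line text);

-- Allowed: pg_read_server_files permits reading a server-side file.
-- (/etc/hostname is assumed to exist and be readable by the postgres OS user.)
COPY t FROM '/etc/hostname';

-- Denied: app_reader is neither a superuser nor a member of
-- pg_execute_server_program, so this fails with a permission error.
COPY t FROM PROGRAM 'id';

RESET ROLE;

-- Only an explicit delegation lets a non-superuser run external programs.
-- Treat this grant as equivalent to shell access as the postgres OS user.
GRANT pg_execute_server_program TO app_reader;
SET ROLE app_reader;
COPY t FROM PROGRAM 'id';   -- now succeeds; 'id' runs as the postgres OS user
RESET ROLE;

-- Audit query: which login roles can run COPY ... PROGRAM at all?
-- Superusers implicitly can; everyone else needs membership in the role.
SELECT r.rolname,
       r.rolsuper,
       pg_has_role(r.oid, 'pg_execute_server_program', 'MEMBER') AS can_exec_program
FROM pg_roles r
WHERE r.rolcanlogin
ORDER BY r.rolname;

-- Cleanup.
REVOKE pg_execute_server_program FROM app_reader;
DROP ROLE app_reader;
```

The audit query is the practical takeaway: any role listed with rolsuper = true or can_exec_program = true can execute arbitrary commands as the server's OS user by design, so such roles should be held only by trusted local administrators and never handed to remote or application-facing accounts, which is exactly the practice the PostgreSQL statement recommends.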