Skip site navigation (1) Skip section navigation (2)

Re: Bugtraq: Having Fun With PostgreSQL

From: Andrew Sullivan <ajs(at)crankycanuck(dot)ca>
To: pgsql-hackers(at)postgresql(dot)org
Subject: Re: Bugtraq: Having Fun With PostgreSQL
Date: 2007-06-26 19:26:13
Message-ID: 20070626192613.GR23306@phlogiston.dyndns.org (view raw or flat)
Thread:
Lists: pgsql-hackers
On Tue, Jun 26, 2007 at 03:08:59PM -0400, Tom Lane wrote:
> It still wouldn't make us "secure by default".  Not unless you propose
> to actually change the default.

Perhaps I wasn't clear enough, but the suggestion I made (for
something I actually don't care about, I hasten to add again) was
that the configure switch _would_ be set to something different by
default.  So it would require that those who need trust to work would
have to enable it on purpose; but (I suggested) at a not-too-invasive
point.  It'd just be another configure option, and you usually have
to reconsider those at major version upgrade anyway.  Nevertheless,

> In any case, what is "secure by default"?  

. . .I agree that the checkbox is a dumb one.  I think the entire
topic isn't worth the amount of electrons already spilled over it.  I
don't see anyone clamouring for this and I see at least one person
strongly opposed.  I think it should be regarded as Dead, Jim.

A

-- 
Andrew Sullivan  | ajs(at)crankycanuck(dot)ca
I remember when computers were frustrating because they *did* exactly what 
you told them to.  That actually seems sort of quaint now.
		--J.D. Baldwin

In response to

pgsql-hackers by date

Next:From: Gregory StarkDate: 2007-06-26 19:47:09
Subject: Re: Bugtraq: Having Fun With PostgreSQL
Previous:From: Tom LaneDate: 2007-06-26 19:08:59
Subject: Re: Bugtraq: Having Fun With PostgreSQL

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group