| From: | Philip Warner <pjw(at)rhyme(dot)com(dot)au> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: pg_largeobject is a security hole |
| Date: | 2001-06-27 23:17:42 |
| Message-ID: | 3.0.5.32.20010628091742.0364c220@mail.rhyme.com.au |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
At 12:27 27/06/01 -0400, Tom Lane wrote:
>I propose that initdb should do
> REVOKE ALL on pg_largeobject FROM public
>
May have an issue with PG_DUMP, which does a 'select oid from
pg_largeobject', I think.
----------------------------------------------------------------
Philip Warner | __---_____
Albatross Consulting Pty. Ltd. |----/ - \
(A.B.N. 75 008 659 498) | /(@) ______---_
Tel: (+61) 0500 83 82 81 | _________ \
Fax: (+61) 0500 83 82 82 | ___________ |
Http://www.rhyme.com.au | / \|
| --________--
PGP key available upon request, | /
and from pgp5.ai.mit.edu:11371 |/
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Philip Warner | 2001-06-27 23:25:37 | Re: Re: 7.2 items |
| Previous Message | Tom Lane | 2001-06-27 23:03:02 | Re: functions returning records |