| From: | Andrew Dunstan <andrew(at)dunslane(dot)net> |
|---|---|
| To: | Dave Page <dpage(at)pgadmin(dot)org> |
| Cc: | Jay Levitt <jay(dot)levitt(at)gmail(dot)com>, PG Hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Switching to Homebrew as recommended Mac install? |
| Date: | 2012-04-02 11:25:37 |
| Message-ID: | 4F798CB1.4000009@dunslane.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general pgsql-hackers |
On 04/02/2012 05:23 AM, Dave Page wrote:
> There are hundreds of thousands of pieces of malware for Windows that
> relied on the ability to write to "system" directories like this to do
> their misdeeds. Anywhere they can write (or modify existing) software
> that may get executed at boot time or by an unsuspecting users (or
> potentially, root). Microsoft spent millions, probably tens or
> hundreds of millions enhancing the security of Windows precisely
> because of this type of security issue.
>
> If homebrew intentionally creates a hole like that, then for as long
> as I'm one of the PostgreSQL webmasters it will *never* be listed on
> our download pages.
>
>
+10
I'm one of the people who doesn't have a horse in this race. (Recently I
was teaching my daughter about some development stuff and so I got her
to install Fedora under VirtualBox on her Mac :-) ). But as soon as I
saw this stuff about the intentional security hole it raised a great big
red flag with me too.
cheers
andrew
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Ivan Voras | 2012-04-02 11:33:50 | Re: Versioned, chunked documents |
| Previous Message | Albe Laurenz | 2012-04-02 10:22:02 | Re: Re: double check the role has what's kind of the privilege? And the same for the objects. Thanks. |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Geoghegan | 2012-04-02 12:14:31 | Re: new group commit behavior not helping? |
| Previous Message | Simon Riggs | 2012-04-02 11:01:50 | Re: measuring lwlock-related latency spikes |