| From: | "Dave Page" <dpage(at)pgadmin(dot)org> |
|---|---|
| To: | "Tom Lane" <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | "Lars Olson" <leolson1(at)uiuc(dot)edu>, pgsql-bugs(at)postgresql(dot)org |
| Subject: | Re: BUG #4074: Using SESSION_USER or CURRENT_USER in a view definition is unsafe |
| Date: | 2008-03-31 22:04:25 |
| Message-ID: | 937d27e10803311504ib836b4bp814f592325304fd6@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs pgsql-www |
On Mon, Mar 31, 2008 at 10:46 PM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> If this were a security issue, you already spilled the beans by
> reporting it to a public mailing list; so I'm unsure what you are
> concerned about.
I'd wager that Lars didn't realise the bug form goes straight to the
list. We should probably make that more clear.
On the other hand it does say to report security issues to security(at)(dot)(dot)(dot)
--
Dave Page
EnterpriseDB UK Ltd: http://www.enterprisedb.com
PostgreSQL UK 2008 Conference: http://www.postgresql.org.uk
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Alvaro Herrera | 2008-03-31 22:22:47 | Re: BUG #4074: Using SESSION_USER or CURRENT_USER in a view definition is unsafe |
| Previous Message | Lars E. Olson | 2008-03-31 21:58:28 | Re: BUG #4074: Using SESSION_USER or CURRENT_USER in a view definition is unsafe |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Alvaro Herrera | 2008-03-31 22:22:47 | Re: BUG #4074: Using SESSION_USER or CURRENT_USER in a view definition is unsafe |
| Previous Message | Tom Lane | 2008-03-31 21:46:48 | Re: BUG #4074: Using SESSION_USER or CURRENT_USER in a view definition is unsafe |