Skip site navigation (1) Skip section navigation (2)

Re: Compliment from the Database Hacker's Handbook

From: Christopher Browne <cbbrowne(at)acm(dot)org>
To: pgsql-advocacy(at)postgresql(dot)org
Subject: Re: Compliment from the Database Hacker's Handbook
Date: 2005-08-17 13:12:37
Message-ID: m3acjgk8qi.fsf@mobile.int.cbbrowne.com (view raw or flat)
Thread:
Lists: pgsql-advocacy
> To quote:
>
> "By default, PostgreSQL is probably the most security-aware database 
> available ..."
> Database Hacker's Handbook
> Lithcfield et. al.
> Wiley
> http://www.wiley.com/WileyCDA/WileyAncillary/productCd-0764578014.html
>
> I'm gonna see if we can use the quote for our front page ...

Based on the sample chapter, the book looks pretty nifty, too.

I love their two suggestions near the end of that chapter:

  1. Don't believe the documentation

     In theory, the "non-marketing dependance" of PostgreSQL ought to
     mean that the documentation is capable of being more honest, but
     even so, it's an interesting approach ;-).

  2. That security analysts implement their own client

     The issue, which, to some degree, we see with psql, is that the
     default clients somewhat "sanitize" requests.  Sanity tends to be
     a good thing, better than insanity :-), but it's hard to hit some
     of the race conditions without the lack of sanitation...

     I probably ought to do this some time; it would be a useful
     learning experience...
-- 
(reverse (concatenate 'string "moc.liamg" "@" "enworbbc"))
http://cbbrowne.com/info/
If we were meant to fly, we wouldn't keep losing our luggage.

In response to

pgsql-advocacy by date

Next:From: Josh BerkusDate: 2005-08-18 16:13:36
Subject: Open Source TCO talk wanted for OSDBC -- Deadline tommorrow!
Previous:From: Christopher BrowneDate: 2005-08-17 13:05:27
Subject: Re: Publishing and PostgreSQL

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group