Re: 8.4 release planning

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Simon Riggs <simon(at)2ndQuadrant(dot)com>
Cc: Joshua Brindle <method(at)manicmethod(dot)com>, Ron Mayer <rm_pg(at)cheapcomplexdevices(dot)com>, Josh Berkus <josh(at)agliodbs(dot)com>, "Joshua D(dot) Drake" <jd(at)commandprompt(dot)com>, Robert Haas <robertmhaas(at)gmail(dot)com>, Merlin Moncure <mmoncure(at)gmail(dot)com>, "Jonah H(dot) Harris" <jonah(dot)harris(at)gmail(dot)com>, Gregory Stark <stark(at)enterprisedb(dot)com>, Bruce Momjian <bruce(at)momjian(dot)us>, Bernd Helmle <mailings(at)oopsware(dot)de>, Peter Eisentraut <peter_e(at)gmx(dot)net>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: 8.4 release planning
Date: 2009-01-27 16:26:18
Message-ID: 16347.1233073578@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Simon Riggs <simon(at)2ndQuadrant(dot)com> writes:
> On Mon, 2009-01-26 at 22:55 -0500, Tom Lane wrote:
>> Silently filtering out rows according to an arbitrary security policy
>> can break a bunch of fundamental SQL semantics, the most obvious being
>> foreign key constraints

> That was exactly my reaction when I read the way it worked and I was
> ready to reject the patch as a result. Bruce and KaiGai provided
> documents that discuss the problem and it's a clearly a known issue in
> the security community. Specifically, it hasn't prevented Oracle from
> gaining security Certification and it shouldn't prevent us either. In
> the end it's the certification that matters here, rather than a general
> review of what database security is, or could be.

Yeah, people like certification, but they also like products that work.
Did you stop reading before getting to my non-security-based complaints?

regards, tom lane

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Kevin Grittner 2009-01-27 16:30:23 Re: More FOR UPDATE/FOR SHARE problems
Previous Message Kenneth Marshall 2009-01-27 16:25:08 Re: pg_upgrade project status