Quick Links

Re: Safe security

From:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To:	Tim Bunce <Tim(dot)Bunce(at)pobox(dot)com>
Cc:	Andrew Dunstan <andrew(at)dunslane(dot)net>, jd(at)commandprompt(dot)com, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject:	Re: Safe security
Date:	2010-03-08 16:03:27
Message-ID:	18842.1268064207@sss.pgh.pa.us
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

Tim Bunce <Tim(dot)Bunce(at)pobox(dot)com> writes:
> Here's a patch that:
> 1. adds wording like that to the docs.
> 2. randomises the container package name (a simple and sound security measure).
> 3. requires Safe 2.25 (which has assorted fixes, including security).
> 4. removed a harmless but suprious exclamation mark from the source.

#3 is still an absolute nonstarter, especially for a patch that we'd
wish to backpatch.

regards, tom lane

In response to

Re: Safe security at 2010-03-08 14:37:20 from Tim Bunce

Responses

Re: Safe security at 2010-03-08 16:55:29 from David E. Wheeler
Re: Safe security at 2010-03-08 17:32:03 from Tim Bunce
Re: Safe security at 2010-03-08 18:11:07 from Alex Hunsaker

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Kevin Grittner	2010-03-08 16:25:41	Re: SQL compatibility reminder: MySQL vs PostgreSQL
Previous Message	Tom Lane	2010-03-08 15:59:19	Re: SQL compatibility reminder: MySQL vs PostgreSQL