| From: | "Dawid Kuroczko" <qnex42(at)gmail(dot)com> |
|---|---|
| To: | "Ray Stell" <stellr(at)cns(dot)vt(dot)edu> |
| Cc: | pgsql-admin(at)postgresql(dot)org |
| Subject: | Re: bugtraq post |
| Date: | 2007-06-18 21:39:23 |
| Message-ID: | 758d5e7f0706181439n2bca6b96xf312d8960633a5ae@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
On 6/18/07, Ray Stell <stellr(at)cns(dot)vt(dot)edu> wrote:
> On Mon, Jun 18, 2007 at 11:24:45AM +0200, Dawid Kuroczko wrote:
> > On 6/17/07, Ray Stell <stellr(at)cns(dot)vt(dot)edu> wrote:
> > >Or as PDF at at
> > >http://www.portcullis.co.uk/uplds/whitepapers/Having_Fun_With_PostgreSQL.pdf
> >
> > Anyhow it's good to know that most vulnerabilities in PostgreSQL require
> > superuser privilege. :-)
>
> To me the most significant thing here is that the security community is kicking
> the tires. That can be a very good thing.
Hmm, I can see your point. Its good that we can dismiss most arguments
saying that 'it requires superuser', and yet if they find any real problems
(like search_path stuff), the sooner the better for us.
Regards,
Dawid
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jim Nasby | 2007-06-18 22:16:23 | Re: How to restore updated records |
| Previous Message | Rodrigo De León | 2007-06-18 21:17:59 | Re: Postgres VS Oracle |