From: | "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com> |
---|---|
To: | PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
Subject: | Comments on old bug report in light of CVE-2018-1058 |
Date: | 2018-03-01 14:30:30 |
Message-ID: | CAKFQuwZ_wDHHAGPeZEtxkTxDdj0tbeE9J-sux6N=vxSPYJmw3g@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
Hackers,
By happen-stance I recently came across an old bug report that I responded
to, #13651 (circa 2015-09), and reading the commentary for CVE-2018-1058
made me think about it in a different light. While no one added to my
responses back then I'm thinking it would be worthwhile if one or more
persons with more experience than myself would skim over the thread and
make a judgement as to whether there is anything worth addressing.
The thread ends up being a bit more broad than just what the subject line
implies.
BUG #13651: trigger security invoker attack
Thanks!
David J.
From | Date | Subject | |
---|---|---|---|
Next Message | David Steele | 2018-03-01 14:35:30 | Re: Reduce amount of WAL generated by CREATE INDEX for gist, gin and sp-gist |
Previous Message | Alexander Kuzmenkov | 2018-03-01 14:25:09 | Re: [patch] BUG #15005: ANALYZE can make pg_class.reltuples inaccurate. |