| From: | "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com> |
|---|---|
| To: | Gurjeet Singh <gurjeet(at)singh(dot)im> |
| Cc: | Jeff Davis <pgsql(at)j-davis(dot)com>, pgsql-hackers(at)postgresql(dot)org, Nathan Bossart <nathandbossart(at)gmail(dot)com>, Robert Haas <robertmhaas(at)gmail(dot)com>, Noah Misch <noah(at)leadboat(dot)com>, Greg Stark <stark(at)mit(dot)edu>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Subject: | Re: Fix search_path for all maintenance commands |
| Date: | 2023-07-13 21:07:27 |
| Message-ID: | CAKFQuwZmswfTKtx6oUY0N7UB62cO_nABMgQgdcvrD8r4qjvUJg@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Thu, Jul 13, 2023 at 2:00 PM Gurjeet Singh <gurjeet(at)singh(dot)im> wrote:
> On Thu, Jul 13, 2023 at 1:37 PM David G. Johnston
> <david(dot)g(dot)johnston(at)gmail(dot)com> wrote:
> >
> > I'm against simply breaking the past without any recourse as what we
> did for pg_dump/pg_restore still bothers me.
>
> I'm sure this is tangential, but can you please provide some
> context/links to the change you're referring to here.
>
>
Here is the instigating issue and a discussion thread on the aftermath:
https://wiki.postgresql.org/wiki/A_Guide_to_CVE-2018-1058%3A_Protect_Your_Search_Path
David J.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Pavel Luzanov | 2023-07-13 21:23:28 | Re: psql: Add role's membership options to the \du+ command |
| Previous Message | Andres Freund | 2023-07-13 21:04:31 | Re: WAL Insertion Lock Improvements |