Re: Open 7.3 items
| От | Tom Lane |
|---|---|
| Тема | Re: Open 7.3 items |
| Дата | |
| Msg-id | 13921.1029638171@sss.pgh.pa.us обсуждение исходный текст |
| Ответ на | Re: Open 7.3 items (Bruce Momjian <pgman@candle.pha.pa.us>) |
| Ответы |
Re: Open 7.3 items
|
| Список | pgsql-hackers |
Bruce Momjian <pgman@candle.pha.pa.us> writes:
> OK, here is the patch with the suggested changes. I am sending the
> patch to hackers because there has been so much interest in this.
One minor gripe:
> + /* If user@, it is a global user, remove '@' */
> + if (strchr(port->user, '@') == port->user + strlen(port->user)-1)
This code is correct, but it tempts someone to replace the strchr()
with a single-character check on the last character of the string.
Which would introduce the security hole we discussed before. The
code is okay, but *please* improve the comment to point out that you
are also excluding the case where there are @'s to the left of the
last character.
regards, tom lane
В списке pgsql-hackers по дате отправления: