Re: Can we revisit the thought of PostgreSQL 7.2.4?
| От | Lamar Owen |
|---|---|
| Тема | Re: Can we revisit the thought of PostgreSQL 7.2.4? |
| Дата | |
| Msg-id | 200301182140.34976.lamar.owen@wgcr.org обсуждение исходный текст |
| Ответ на | Re: Can we revisit the thought of PostgreSQL 7.2.4? (Tom Lane <tgl@sss.pgh.pa.us>) |
| Список | pgsql-hackers |
On Saturday 18 January 2003 11:13, Tom Lane wrote: > Lamar Owen <lamar.owen@wgcr.org> writes: > > ... Why? If a user doesn't need the features of 7.x.x, and the codebase > > is working well for him/her, why should said user/DBA feel compelled to > > go through who knows what mechanations to upgrade to the latest version? > Because there are unfixable bugs in the older versions. I see very > little point in issuing "security updates" that fix individual buffer > overruns, when anyone who has the SQL-level access needed to trigger > one of those overruns can equally easily do "select cash_out(2)". > The only fix for that is an upgrade to 7.3. And the cure might be worse than the disease; that is my point. > It wastes time that > could be spent on other work, and it may give DBAs a false sense of > security. "Sure I'm safe; I just got the latest security patch from > Red Hat, so my 6.5.3 Postgres must be bulletproof now!" Red Hat issued a very detailed synopsis of what was fixed. Also, one man's wasted time is another man's time well spent. -- Lamar Owen WGCR Internet Radio 1 Peter 4:11
В списке pgsql-hackers по дате отправления: