Re: Heroku early upgrade is raising serious questions
| От | Andres Freund |
|---|---|
| Тема | Re: Heroku early upgrade is raising serious questions |
| Дата | |
| Msg-id | 20130409180915.GG27905@awork2.anarazel.de обсуждение исходный текст |
| Ответ на | Re: Heroku early upgrade is raising serious questions (Stephen Frost <sfrost@snowman.net>) |
| Ответы |
Re: Heroku early upgrade is raising serious
questions
|
| Список | pgsql-advocacy |
On 2013-04-09 13:59:29 -0400, Stephen Frost wrote: > * Andres Freund (andres@2ndquadrant.com) wrote: > > Also, it changes how privileged the people that get access to the > > vulnerability are. If they are allowed to install at the same time as > > everyone else its somewhat fair game, otherwise there will be people > > making a marketing distinction out of their privileged access. > > I do not consider this a game where everyone should be treated 'fairly' > wrt their exposure to attackers. I would be open to including something > in the policy which discourages members from advertising their > membership as a marketing distinction, but I'm not convinced that it's > necessary. Note that I am not saying that it has to be fair. I haven't yet made up my mind about it, I am just saying its a fair point to make. And I think the increased exposure and thus increased likelihood of leakage due to more widespread usage holds some weight, completely independent of the argument of fairness. Greetings, Andres Freund -- Andres Freund http://www.2ndQuadrant.com/ PostgreSQL Development, 24x7 Support, Training & Services
В списке pgsql-advocacy по дате отправления: