Re: Dissecting PostgreSQL CVE-2013-1899 (blackwinghq.com)

>
> I would hope people have tripwire/aide/et al configured to watch for these
> sorts of things already
>

Most of our non-cloud users connect to the DB from the application as
the superuser (the cloud users don't only because they're not allowed
to).  I think Tripwire is a little beyond them.

Anyway, the Blackwing analysis points out a whole set of potential
exploits which our security team hadn't thought of.

--
Josh Berkus
PostgreSQL Experts Inc.
http://pgexperts.com