On 01/05/2016 04:32 PM, John R Pierce wrote: > On 1/5/2016 4:12 PM, oleg yusim wrote: >> I meant a scenario, when user is trying to connect to database >> (doesn't matter what interface) and database fails at this moment. If >> all authentication/authorization/validation functions are written to >> return false in case of abnormal termination, we are fine. If not, we >> can potentially encounter the situation when database fails into state >> where user is given greater privileges than he/she should or even >> authenticated, when he/she shouldn't. > > if the postgres server processes terminate for any reason, there's > nothing to connect to. the client application will get a error like > 'connection refused' back from the connection attempt, or if it was > already connected and the server aborts, the next query will return an > error like CONNECTION_BAD. there's no possible privilege elevation.
+1
I think you can call this one "Applicable -- Inherently Meets"
Joe
-- Crunchy Data - http://crunchydata.com PostgreSQL Support for Secure Enterprises Consulting, Training, & Open Source Development