Re: Interesting message about printf()'s in PostgreSQL
| От | Gavin Sherry |
|---|---|
| Тема | Re: Interesting message about printf()'s in PostgreSQL |
| Дата | |
| Msg-id | Pine.LNX.4.21.0208121405280.7309-100000@linuxworld.com.au обсуждение исходный текст |
| Ответ на | Interesting message about printf()'s in PostgreSQL (Justin Clift <justin@postgresql.org>) |
| Список | pgsql-hackers |
On Mon, 12 Aug 2002, Justin Clift wrote: > Hi everyone, > > Whilst looking around for some more PostgreSQL related stuff, this > message turned up: > > http://mail.wirex.com/pipermail/sardonix/2002-February/000051.html > > The interesting bit is in an email messages included about halfway > down. It speaks of Bad Things in the PostgreSQL source code and of > PostgreSQL needing an audit. Christoper's point about University access to postgres and possible security/DoS problems is a good one. A thorough security audit of PostgreSQL would be a very good idea. Naturally, the biggest problems are that it is very time consuming to do an audit, just about all parts of the code need to be reviewed and it yields few exciting results. Perhaps Red Hat or another commercial entity would be interested in helping out given that the commercial space is beginning to be dominated by security rhetoric? Gavin
В списке pgsql-hackers по дате отправления: