Re: Heroku early upgrade is raising serious questions
| От | Dimitri Fontaine |
|---|---|
| Тема | Re: Heroku early upgrade is raising serious questions |
| Дата | |
| Msg-id | m2ppy374ff.fsf@2ndQuadrant.fr обсуждение исходный текст |
| Ответ на | Re: Heroku early upgrade is raising serious questions (Stephen Frost <sfrost@snowman.net>) |
| Список | pgsql-advocacy |
Stephen Frost <sfrost@snowman.net> writes: > That does not address the large-scale deployments where upgrades also > take a very signifigant amount of time. If we are to provide them with > the information ahead of the release, as they are trusted, I do not > believe it makes any sense to prevent them from upgrading their systems > until the information is out in the open. +1 > Weighing the needs of various communities along with their risk profiles > and trustworthiness is a very difficult thing, but once vetted and > approved for early access, they should be encouraged to do as much as > they can to ensure they are not vulnerable provided that they are able > to do so without disclosing sensetive information. +1 And no ssh access to the servers seems like it applied. The trust problem has just been presented to me in another phrasing that we might want to be adressing: the level of trust we have into those people who receive the information early obviously includes they not perusing the information to exploit users (e.g. from competitive places). As obvious as it sounds, we have to write it down in the docs currently being edited, I think. Regards, -- Dimitri Fontaine http://2ndQuadrant.fr PostgreSQL : Expertise, Formation et Support
В списке pgsql-advocacy по дате отправления: