Re: Compliment from the Database Hacker's Handbook
| От | Christopher Browne |
|---|---|
| Тема | Re: Compliment from the Database Hacker's Handbook |
| Дата | |
| Msg-id | m3acjgk8qi.fsf@mobile.int.cbbrowne.com обсуждение исходный текст |
| Ответ на | Compliment from the Database Hacker's Handbook (Josh Berkus <josh@agliodbs.com>) |
| Список | pgsql-advocacy |
> To quote: > > "By default, PostgreSQL is probably the most security-aware database > available ..." > Database Hacker's Handbook > Lithcfield et. al. > Wiley > http://www.wiley.com/WileyCDA/WileyAncillary/productCd-0764578014.html > > I'm gonna see if we can use the quote for our front page ... Based on the sample chapter, the book looks pretty nifty, too. I love their two suggestions near the end of that chapter: 1. Don't believe the documentation In theory, the "non-marketing dependance" of PostgreSQL ought to mean that the documentation is capable of being more honest, but even so, it's an interesting approach ;-). 2. That security analysts implement their own client The issue, which, to some degree, we see with psql, is that the default clients somewhat "sanitize" requests. Sanity tends to be a good thing, better than insanity :-), but it's hard to hit some of the race conditions without the lack of sanitation... I probably ought to do this some time; it would be a useful learning experience... -- (reverse (concatenate 'string "moc.liamg" "@" "enworbbc")) http://cbbrowne.com/info/ If we were meant to fly, we wouldn't keep losing our luggage.
В списке pgsql-advocacy по дате отправления: