Re: postgres vulnerability - Mailing list pgsql-hackers

From Dave Cramer
Subject Re: postgres vulnerability
Date
Msg-id 1097598838.7985.292.camel@localhost.localdomain
Whole thread Raw
In response to Re: postgres vulnerability  (Stephan Szabo <sszabo@megazone.bigpanda.com>)
Responses Re: postgres vulnerability
List pgsql-hackers
Actually, I see this differently.

This is a classic example of how postgreSQL is viewed by the rest of the
world. This argument has been brought up before. 
It is only the core that differentiates the server from the interfaces.
The rest of the world views this as one product.

Dave
On Sun, 2004-10-10 at 09:48, Stephan Szabo wrote:
> On Sun, 10 Oct 2004, Neil Conway wrote:
> 
> > Gaetano Mendola wrote:
> > > Here  http://www.sans.org/top20/#u9
> > > are listed postgres vulnerability it's sad see that almost all
> > > are related to third part components
> >
> > "Almost all"? By my count, 12 of the 17 vulnerabilities refer to
> > legitimate problems in PostgreSQL, its RPM distribution, or the ODBC driver.
> 
> However, even removing "almost all" from the comment, it's still pretty
> sad that a "trusted source for computer security training, certification
> and research" would have a >25% miss rate on properly categorizing
> vulnerabilities.
> 
> ---------------------------(end of broadcast)---------------------------
> TIP 3: if posting/reading through Usenet, please send an appropriate
>       subscribe-nomail command to majordomo@postgresql.org so that your
>       message can get through to the mailing list cleanly
-- 
Dave Cramer
519 939 0336
ICQ # 14675561
www.postgresintl.com



pgsql-hackers by date:

Previous
From: "Marc G. Fournier"
Date:
Subject: Re: CVS fixed ...
Next
From: Reini Urban
Date:
Subject: Re: open item: tablespace handing in pg_dump/pg_restore