Jeremy Drake <pgsql@jdrake.com> writes:
> On Mon, 12 Feb 2007, Teodor Sigaev wrote:
>> Fix backend crash in parsing incorrect tsquery.
> Is this a security issue? Does it need a new security release?
We looked at this and determined that the worst that could be done with
it is crash the backend. Which is annoying, but if we treated every
such bug as a security exercise then we'd be having a new release every
week or so. Core's current policy is that we'll consider a bug worthy
of a security release if it can be used to force execution of arbitrary
code, access otherwise-unavailable information, etc. A simple crash is
at worst a momentary denial of service to other DB users, and if you've
got the ability to issue arbitrary SQL there are lots of ways to create
denial-of-service situations of one magnitude or another.
Also, recent history should impress on you the disadvantages of treating
problems as security exercises: patches that go in without any public
review or testing are far more likely to create new problems than those
that go through the normal process. So setting a low bar for what
constitutes a security issue is likely to decrease the system's overall
reliability.
regards, tom lane