Home > mailing lists

pgsql: Add: > * Prevent malicious functions from being executed with - Mailing list pgsql-committers

From	momjian@postgresql.org (Bruce Momjian)
Subject	pgsql: Add: > * Prevent malicious functions from being executed with
Date	March 6, 2008 16:19:43
Msg-id	20080306171938.5D27A753F32@cvs.postgresql.org Whole thread Raw
List	pgsql-committers

Tree view

Log Message:
-----------
Add:

> * Prevent malicious functions from being executed with the permissions
>   of unsuspecting users
>
>   Index functions are safe, so VACUUM and ANALYZE are safe too.
>   Triggers, CHECK and DEFAULT expressions, and rules are still vulnerable.
>   http://archives.postgresql.org/pgsql-hackers/2008-01/msg00268.php

Modified Files:
--------------
    pgsql/doc:
        TODO (r1.2261 -> r1.2262)
        (http://anoncvs.postgresql.org/cvsweb.cgi/pgsql/doc/TODO?r1=1.2261&r2=1.2262)
    pgsql/doc/src/FAQ:
        TODO.html (r1.770 -> r1.771)
        (http://anoncvs.postgresql.org/cvsweb.cgi/pgsql/doc/src/FAQ/TODO.html?r1=1.770&r2=1.771)

pgsql-committers by date:

From: momjian@postgresql.org (Bruce Momjian)
Date: 06 March 2008, 15:31:50
Subject: pgsql: Improve "bgwriter_lru_multiplier" GUC description.

From: momjian@postgresql.org (Bruce Momjian)
Date: 06 March 2008, 16:28:36
Subject: pgsql: Add: > > o Prevent escape string warnings when object names

pgsql: Add: > * Prevent malicious functions from being executed with - Mailing list pgsql-committers

Previous

Next