Home > mailing lists

Re: BUG #4074: Using SESSION_USER or CURRENT_USER in a view definition is unsafe - Mailing list pgsql-bugs

From	Dave Page
Subject	Re: BUG #4074: Using SESSION_USER or CURRENT_USER in a view definition is unsafe
Date	March 31, 2008 22:04:54
Msg-id	937d27e10803311504ib836b4bp814f592325304fd6@mail.gmail.com Whole thread Raw
In response to	Re: BUG #4074: Using SESSION_USER or CURRENT_USER in a view definition is unsafe (Tom Lane <tgl@sss.pgh.pa.us>)
Responses	Re: BUG #4074: Using SESSION_USER or CURRENT_USER in a view definition is unsafe
List	pgsql-bugs

Tree view

On Mon, Mar 31, 2008 at 10:46 PM, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>  If this were a security issue, you already spilled the beans by
>  reporting it to a public mailing list; so I'm unsure what you are
>  concerned about.

I'd wager that Lars didn't realise the bug form goes straight to the
list. We should probably make that more clear.

On the other hand it does say to report security issues to security@...

--
Dave Page
EnterpriseDB UK Ltd: http://www.enterprisedb.com
PostgreSQL UK 2008 Conference: http://www.postgresql.org.uk

pgsql-bugs by date:

From: Tom Lane
Date: 31 March 2008, 21:47:18
Subject: Re: BUG #4074: Using SESSION_USER or CURRENT_USER in a view definition is unsafe

From: Alvaro Herrera
Date: 31 March 2008, 22:23:25
Subject: Re: BUG #4074: Using SESSION_USER or CURRENT_USER in a view definition is unsafe

Re: BUG #4074: Using SESSION_USER or CURRENT_USER in a view definition is unsafe - Mailing list pgsql-bugs

Previous

Next