On Mon, 12 Feb 2007, Tom Lane wrote:
> Jeremy Drake <pgsql@jdrake.com> writes:
> > On Mon, 12 Feb 2007, Teodor Sigaev wrote:
> >> Fix backend crash in parsing incorrect tsquery.
>
> > Is this a security issue? Does it need a new security release?
>
> We looked at this and determined that the worst that could be done with
> it is crash the backend. Which is annoying, but if we treated every
> such bug as a security exercise then we'd be having a new release every
> week or so. Core's current policy is that we'll consider a bug worthy
> of a security release if it can be used to force execution of arbitrary
> code, access otherwise-unavailable information, etc. A simple crash is
> at worst a momentary denial of service to other DB users, and if you've
> got the ability to issue arbitrary SQL there are lots of ways to create
> denial-of-service situations of one magnitude or another.
>
> Also, recent history should impress on you the disadvantages of treating
> problems as security exercises: patches that go in without any public
> review or testing are far more likely to create new problems than those
> that go through the normal process. So setting a low bar for what
> constitutes a security issue is likely to decrease the system's overall
> reliability.
I understand. This is reasonable. I am glad that this was considered,
and weighed against the same policy as core.
--
Andrea: Unhappy the land that has no heroes.
Galileo: No, unhappy the land that _____needs heroes. -- Bertolt Brecht, "Life of Galileo"