Re: 7.4 Press Release -- Draft #4

From: Robert Treat <xzilla(at)users(dot)sourceforge(dot)net>
To: Gavin Sherry <swm(at)linuxworld(dot)com(dot)au>
Cc: pgsql-advocacy(at)postgresql(dot)org
Subject: Re: 7.4 Press Release -- Draft #4
Date: 2003-07-28 20:15:31
Message-ID: 1059423331.22259.818.camel@camel
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-advocacy

On Sat, 2003-07-26 at 21:31, Gavin Sherry wrote:
> > > - Read only transactions, bringing a greater level of security to web and
> > > enterprise applications by protecting data from modification.
>
> This should be removed. Even though I added it to the press release, I've
> just realised it's not really a security measure against SQL injection
> since injected code can just specify 'SET TRANSACTION READ WRITE'. We
> should still mention it, but not as a security measure.
>

Aside from spec compliance, whats the bonus for having it then? Or put a
better way, why/when would I want to use this?

Robert Treat
--
Build A Brighter Lamp :: Linux Apache {middleware} PostgreSQL

In response to

Responses

Browse pgsql-advocacy by date

  From Date Subject
Next Message Nick Fankhauser 2003-07-28 20:49:14 Re: 7.4 Press Release -- starting Draft #5
Previous Message Josh Berkus 2003-07-28 17:52:24 7.4 Press Release