From: | Dave Cramer <pg(at)fastcrypt(dot)com> |
---|---|
To: | Stephan Szabo <sszabo(at)megazone(dot)bigpanda(dot)com> |
Cc: | Neil Conway <neilc(at)samurai(dot)com>, Gaetano Mendola <mendola(at)bigfoot(dot)com>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: postgres vulnerability |
Date: | 2004-10-12 16:33:58 |
Message-ID: | 1097598838.7985.292.camel@localhost.localdomain |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
Actually, I see this differently.
This is a classic example of how postgreSQL is viewed by the rest of the
world. This argument has been brought up before.
It is only the core that differentiates the server from the interfaces.
The rest of the world views this as one product.
Dave
On Sun, 2004-10-10 at 09:48, Stephan Szabo wrote:
> On Sun, 10 Oct 2004, Neil Conway wrote:
>
> > Gaetano Mendola wrote:
> > > Here http://www.sans.org/top20/#u9
> > > are listed postgres vulnerability it's sad see that almost all
> > > are related to third part components
> >
> > "Almost all"? By my count, 12 of the 17 vulnerabilities refer to
> > legitimate problems in PostgreSQL, its RPM distribution, or the ODBC driver.
>
> However, even removing "almost all" from the comment, it's still pretty
> sad that a "trusted source for computer security training, certification
> and research" would have a >25% miss rate on properly categorizing
> vulnerabilities.
>
> ---------------------------(end of broadcast)---------------------------
> TIP 3: if posting/reading through Usenet, please send an appropriate
> subscribe-nomail command to majordomo(at)postgresql(dot)org so that your
> message can get through to the mailing list cleanly
--
Dave Cramer
519 939 0336
ICQ # 14675561
www.postgresintl.com
From | Date | Subject | |
---|---|---|---|
Next Message | Reini Urban | 2004-10-12 16:34:43 | Re: open item: tablespace handing in pg_dump/pg_restore |
Previous Message | Marc G. Fournier | 2004-10-12 14:20:36 | Re: CVS fixed ... |