Re: postgres vulnerability

From: Dave Cramer <pg(at)fastcrypt(dot)com>
To: Stephan Szabo <sszabo(at)megazone(dot)bigpanda(dot)com>
Cc: Neil Conway <neilc(at)samurai(dot)com>, Gaetano Mendola <mendola(at)bigfoot(dot)com>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: postgres vulnerability
Date: 2004-10-12 16:33:58
Message-ID: 1097598838.7985.292.camel@localhost.localdomain
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Actually, I see this differently.

This is a classic example of how postgreSQL is viewed by the rest of the
world. This argument has been brought up before.
It is only the core that differentiates the server from the interfaces.
The rest of the world views this as one product.

Dave
On Sun, 2004-10-10 at 09:48, Stephan Szabo wrote:
> On Sun, 10 Oct 2004, Neil Conway wrote:
>
> > Gaetano Mendola wrote:
> > > Here http://www.sans.org/top20/#u9
> > > are listed postgres vulnerability it's sad see that almost all
> > > are related to third part components
> >
> > "Almost all"? By my count, 12 of the 17 vulnerabilities refer to
> > legitimate problems in PostgreSQL, its RPM distribution, or the ODBC driver.
>
> However, even removing "almost all" from the comment, it's still pretty
> sad that a "trusted source for computer security training, certification
> and research" would have a >25% miss rate on properly categorizing
> vulnerabilities.
>
> ---------------------------(end of broadcast)---------------------------
> TIP 3: if posting/reading through Usenet, please send an appropriate
> subscribe-nomail command to majordomo(at)postgresql(dot)org so that your
> message can get through to the mailing list cleanly
--
Dave Cramer
519 939 0336
ICQ # 14675561
www.postgresintl.com

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Reini Urban 2004-10-12 16:34:43 Re: open item: tablespace handing in pg_dump/pg_restore
Previous Message Marc G. Fournier 2004-10-12 14:20:36 Re: CVS fixed ...