Quick Links

Re: reuse sysids security hole?

From:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To:	Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>
Cc:	Gavin Sherry <swm(at)linuxworld(dot)com(dot)au>, Andrew Dunstan <andrew(at)dunslane(dot)net>, Postgresql Hackers <pgsql-hackers(at)postgresql(dot)org>
Subject:	Re: reuse sysids security hole?
Date:	2003-08-12 20:01:33
Message-ID:	15912.1060718493@sss.pgh.pa.us
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> writes:
> Can I have a TODO for this?

* Prevent accidental re-use of sysids for dropped users and groups

The other part of the thread was something like

* Prevent dropping user that still owns objects, or auto-drop the objects

which if successful would eliminate the need to worry about sysid reuse,
but I really don't see a feasible implementation at the moment.

regards, tom lane

Re: reuse sysids security hole? at 2003-08-12 20:11:27 from Alvaro Herrera Munoz
Re: reuse sysids security hole? at 2003-08-12 22:04:25 from Bruce Momjian
Re: reuse sysids security hole? at 2003-08-13 11:42:39 from Andrew Dunstan

	From	Date	Subject
Next Message	Rod Taylor	2003-08-12 20:05:15	Re: Parsing speed (was Re: pgstats_initstats() cost)
Previous Message	Tom Lane	2003-08-12 19:36:07	Parsing speed (was Re: pgstats_initstats() cost)