Re: [HACKERS] Possible make_oidjoins_check Security Issue

Bruce Momjian wrote:
> Tom Lane wrote:
> > Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> writes:
> > > I believe the proper way to handle this is a new directory under /tmp.
> >
> > It's definitely not worth the trouble. I looked at what configure does
> > to make /tmp subdirectories portably, and it is spectacularly ugly
> > (not to mention long). If make_oidjoins_check were a user-facing tool
> > that would be one thing, but it isn't ...
>
> >From a public relations perspective and a code reuse perspective I think
> we should create temporary tables securely. The attached applied patch

^^^^^^
files

> fixes contrib/findoidjoins/make_oidjoins_check.

Sorry, meant temporary files.

--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073