| From: | Stephen Frost <sfrost(at)snowman(dot)net> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Bruce Momjian <bruce(at)momjian(dot)us>, Josh Berkus <josh(at)agliodbs(dot)com>, pgsql-hackers(at)postgresql(dot)org, Merlin Moncure <mmoncure(at)gmail(dot)com>, "Jim C(dot) Nasby" <jnasby(at)pervasive(dot)com> |
| Subject: | Re: advisory locks and permissions |
| Date: | 2006-09-22 19:08:08 |
| Message-ID: | 20060922190808.GA24675@kenobi.snowman.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
* Tom Lane (tgl(at)sss(dot)pgh(dot)pa(dot)us) wrote:
> Stephen Frost <sfrost(at)snowman(dot)net> writes:
> > * Tom Lane (tgl(at)sss(dot)pgh(dot)pa(dot)us) wrote:
> >> An admin who is concerned about this can revoke public access on the
> >> functions for himself ... but should that be the default out-of-the-box
> >> configuration? I feel more comfortable with saying "you have to turn
> >> on this potentially-dangerous feature" than with saying you have to turn
> >> it off.
>
> > I agree with having it turned off by default, at least in 8.2.
>
> Do we have a consensus to do this for 8.2? Or are we going to leave it
> as is? Those are the only two realistic short-term options ...
I'm still of the opinion it'd be better disabled by default, but it
seems that the majority is going the other way. I guess in the end I'd
like to see most of these patched up in such a way that a given user
would be reasonably limited in their ability to DoS the server. That's
not going to happen today though.
Thanks,
Stephen
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruce Momjian | 2006-09-22 19:09:26 | Re: advisory locks and permissions |
| Previous Message | Tom Lane | 2006-09-22 19:06:00 | Re: advisory locks and permissions |