| From: | Bruce Momjian <bruce(at)momjian(dot)us> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Josh Berkus <josh(at)agliodbs(dot)com>, Andrew Dunstan <andrew(at)dunslane(dot)net>, Brad Nicholson <bnichols(at)ca(dot)afilias(dot)info>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: pg_migrator issue with contrib |
| Date: | 2009-06-08 03:36:00 |
| Message-ID: | 200906080336.n583a0925530@momjian.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Tom Lane wrote:
> The underlying C-level get_raw_page function is still there, but
> it now expects three arguments not two, and will crash if it's
> passed an int4 where it's expecting a text argument. But the old
> function definition will migrate without error --- there's no way
> for pg_migrator to realize it's installing a security hazard.
FYI, there is nothing pg_migrator specific here. Someone doing a
dump/reload from 8.3 to 8.4 would have the same security issue.
pg_migrator is using the same pg_dump output as a dump restore, except
it uses --schema. pg_migrator would actually be more secure because it
will exit on the restore error rather than having the error possibly
ignored by the user.
--
Bruce Momjian <bruce(at)momjian(dot)us> http://momjian.us
EnterpriseDB http://enterprisedb.com
+ If your life is a hard drive, Christ can be your backup. +
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruce Momjian | 2009-06-08 03:36:46 | Re: pg_migrator issue with contrib |
| Previous Message | Bruce Momjian | 2009-06-08 03:21:17 | Re: pg_migrator issue with contrib |