| From: | Stephen Frost <sfrost(at)snowman(dot)net> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Piotr Stefaniak <postgres(at)piotr-stefaniak(dot)me>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Warnings around booleans |
| Date: | 2015-08-21 20:03:56 |
| Message-ID: | 20150821200356.GP3685@tamriel.snowman.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
* Tom Lane (tgl(at)sss(dot)pgh(dot)pa(dot)us) wrote:
> Stephen Frost <sfrost(at)snowman(dot)net> writes:
> > On Friday, August 21, 2015, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> >> It is not really acceptable to leave roles hanging around after "make
> >> installcheck"; that would be a security hazard for the installation.
> >> Please drop them.
>
> > The only ones which were left were intentionally all NOLOGIN to address
> > that concern, which I had considered. Is there another issue with them
> > beyond potential login that I'm missing?
>
> NOLOGIN addresses the most obvious abuse potential, but it hardly seems
> like the only risk. And we have never yet intended the main regression
> tests to serve as a testbed for "pg_dumpall -g". A bugfix commit is
> not the place to start changing that policy.
I've updated the test to drop the roles at the end.
> (If you want to have some testing in this area, perhaps adding roles
> during the pg_upgrade test would be a safer place to do it.)
I'll look into this. The lack of pg_dumpall testing is pretty
concerning, considering how important it is to pg_upgrade.
Thanks!
Stephen
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jim Nasby | 2015-08-21 21:05:07 | Re: Error message with plpgsql CONTINUE |
| Previous Message | Tomas Vondra | 2015-08-21 19:54:47 | Re: DBT-3 with SF=20 got failed |