| From: | Neil Conway <neilc(at)samurai(dot)com> |
|---|---|
| To: | Andrew Sullivan <ajs(at)crankycanuck(dot)ca> |
| Cc: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: pl/pgsql enabled by default |
| Date: | 2005-05-07 23:22:55 |
| Message-ID: | 427D4DCF.5050808@samurai.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Andrew Sullivan wrote:
> This is not really analogous, because those are already on
Which is my point: you're suggesting we retrofit a security policy onto
PG that does not apply to the vast majority of the base system -- and
that if applied would require fundamental changes.
> Indeed. But that doesn't mean that the principle isn't sound for
> both cases. I haven't seen an argument against that yet.
Security (in the limited sense of "disabling features by default") is
not free; there is a tradeoff between security and convenience, security
and administrative simplicity, and so on. Given that I have yet to see a
single substantive argument for pl/pgsql being a security risk that has
withstood any scrutiny, I don't see that the "security" side of the
tradeoff has a lot of merit.
-Neil
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2005-05-07 23:41:11 | Re: Patch for collation using ICU |
| Previous Message | Tom Lane | 2005-05-07 23:20:48 | Re: Race conditions, race conditions! |