| From: | Andrew Dunstan <andrew(at)dunslane(dot)net> |
|---|---|
| To: | Pascal Meunier <pmeunier(at)cerias(dot)net> |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, "Jim C(dot) Nasby" <jimn(at)enterprisedb(dot)com>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: minor feature request: Secure defaults during |
| Date: | 2006-09-18 17:59:00 |
| Message-ID: | 450EDE64.6000501@dunslane.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Pascal Meunier wrote:
> Thanks for answering; I appreciate it, as well as the efforts of all the
> people who contributed to this database that I now use in my projects.
>
> However, I feel that making a decision based on the number of prior and
> possible future complaints is a poor excuse to not do the right thing. A
> low number of prior complaints simply suggests lax security audits of
> default behaviors.
>
At the very least we would need a way of getting the current behaviour,
if we are not to break existing applications.
People have a reasonable expectation that a dump and reload will work,
and that can't be dismissed as cavalierly as this.
Maybe a config file option would do the trick, or maybe an option to
pg_dump / pg_dumpall to make it generate the extra GRANT statement that
would be required.
cheers
andrew
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2006-09-18 18:00:55 | Re: minor feature request: Secure defaults during |
| Previous Message | Jim C. Nasby | 2006-09-18 17:56:35 | Re: Interesting CREATE TABLE AS misbehavior |