From: | "Joshua D(dot) Drake" <jd(at)commandprompt(dot)com> |
---|---|
To: | Josh Berkus <josh(at)agliodbs(dot)com> |
Cc: | damien clochard <damien(at)dalibo(dot)info>, "Jonathan S(dot) Katz" <jonathan(dot)katz(at)excoventures(dot)com>, PostgreSQL Advocacy <pgsql-advocacy(at)postgresql(dot)org> |
Subject: | Re: Heroku early upgrade is raising serious questions |
Date: | 2013-04-08 23:32:06 |
Message-ID: | 51635376.9070108@commandprompt.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-advocacy |
On 04/08/2013 04:12 PM, Josh Berkus wrote:
>
> Damien,
>
>> The Heroku announcement caused many confusions. The worst confusion is
>> that it sounds like Heroku gets a special treament and is allowed to
>> upgrade 3 days before full disclosure, while the rest of us have to wait
>> the official release date.
>
> So Heroku had permission from the core team to start their update early,
> partly because of required deployment times, and partly because they
> could supply testing and feedback on the patch, as they have with other
> patches they've backported from future versions of PostgreSQL. We were
> also conscious of the fact that, as far as we knew, Heroku represented
> the single largest organizational vulnerability to this particular
> issue, and that due to their "port-only access" the possibility of
> accidental disclosure was minimal.
>
> We didn't anticipate that the early notification we did combined with
> the Heroku outage notification would make it obvious that an early
> deployment was happening. We don't generally do early warnings, and
> this whole "cloud" thing is still new to us organizationally. ALso, we
> went from discovery to release in 3 weeks, so there wasn't a lot of
> discussion time around policy and procedure.
>
> Clearly we can't do it that way again.
>
> -core is currently hashing out thoughts on what might be a reasonable
> early notification process for high-risk users, and if it's feasible for
> us to have one. As well as other aspects of our security release procedure.
>
I think that one thing that is very important to remember here, is -core
doesn't make decisions lightly. I understand that some may have felt
that communication wasn't perfect (it wasn't) but I know several members
of core and they all take the position IMHO too seriously. So let's
relax, realize there is improvement to be made (which they and we do)
and just work the problem.
The rest is just noise.
Sincerely,
JD
--
Command Prompt, Inc. - http://www.commandprompt.com/
PostgreSQL Support, Training, Professional Services and Development
High Availability, Oracle Conversion, Postgres-XC
@cmdpromptinc - 509-416-6579
From | Date | Subject | |
---|---|---|---|
Next Message | Bruce Momjian | 2013-04-08 23:32:21 | Re: Heroku early upgrade is raising serious questions |
Previous Message | Josh Berkus | 2013-04-08 23:12:20 | Re: Heroku early upgrade is raising serious questions |