| From: | Josh Berkus <josh(at)agliodbs(dot)com> |
|---|---|
| To: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: First-draft release notes for next week's releases |
| Date: | 2014-03-17 03:56:03 |
| Message-ID: | 53267253.4060104@agliodbs.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 03/16/2014 12:32 PM, Greg Stark wrote:
> I would consider adding something like "For the problem to occur a
> foreign key from another table must exist and a new row must be added
> to that other table around the same time (possibly in the same
> transaction) as an update to the referenced row" That would help
> people judge whether their databases are vulnerable. If they don't
> have foreign keys or if they have a coding pattern that causes this to
> happen regularly then they should be able to figure that out and
> possibly disable them if they can't update promptly.
I don't think that will actually help people know whether they're
vulnerable without a longer explanation.
It's starting to sound like we need a wiki page for this release?
--
Josh Berkus
PostgreSQL Experts Inc.
http://pgexperts.com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Prabakaran, Vaishnavi | 2014-03-17 04:09:09 | Re: Providing catalog view to pg_hba.conf file - Patch submission |
| Previous Message | David Johnston | 2014-03-17 03:42:12 | Re: BUG #9578: Undocumented behaviour for temp tables created inside query language (SQL) functions |