Re: Dissecting PostgreSQL CVE-2013-1899 (blackwinghq.com)

From: Douglas J Hunley <doug(dot)hunley(at)gmail(dot)com>
To: Selena Deckelmann <selena(at)chesnok(dot)com>
Cc: Bruce Momjian <bruce(at)momjian(dot)us>, Robert Bernier <robert(at)pg-live(dot)info>, PostgreSQL Advocacy <pgsql-advocacy(at)postgresql(dot)org>
Subject: Re: Dissecting PostgreSQL CVE-2013-1899 (blackwinghq.com)
Date: 2013-04-11 17:19:54
Message-ID: CALxYTP6s-OMQuW+S6q11NvWZNmtv1OZqY2iUopWYo_28y4ygJg@mail.gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-advocacy

On Thu, Apr 11, 2013 at 1:15 PM, Selena Deckelmann <selena(at)chesnok(dot)com>wrote:

> Also, a related best practice is keeping track of all the files that are
> in home directories of privileged users

I would hope people have tripwire/aide/et al configured to watch for these
sorts of things already

--
Douglas J Hunley (doug(dot)hunley(at)gmail(dot)com)
Twitter: @hunleyd Web:
douglasjhunley.com
G+: http://goo.gl/sajR3

In response to

Responses

Browse pgsql-advocacy by date

  From Date Subject
Next Message Thom Brown 2013-04-11 17:24:54 Re: Dissecting PostgreSQL CVE-2013-1899 (blackwinghq.com)
Previous Message Selena Deckelmann 2013-04-11 17:15:34 Re: Dissecting PostgreSQL CVE-2013-1899 (blackwinghq.com)