Re: Hardening PostgreSQL via (optional) ban on local file system access

From: Hannu Krosing <hannuk(at)google(dot)com>
To: Gurjeet Singh <gurjeet(at)singh(dot)im>
Cc: Andres Freund <andres(at)anarazel(dot)de>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org>, Robert Pang <robertpang(at)google(dot)com>
Subject: Re: Hardening PostgreSQL via (optional) ban on local file system access
Date: 2022-06-24 23:59:35
Message-ID: CAMT0RQTzQkCLpF21KLMEa52+ypQrkj6tUKHuM3X97-6L0zAT=Q@mail.gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

My understanding was that unless activated by admin these changes
would change nothing.

And they would be (borderline :) ) security fixes

And the versioning policy link actually does not say anything about
not adding features to older versions (I know this is the policy, just
pointing out the info in not on that page).

On Sat, Jun 25, 2022 at 1:46 AM Gurjeet Singh <gurjeet(at)singh(dot)im> wrote:
>
> On Fri, Jun 24, 2022 at 4:13 PM Andres Freund <andres(at)anarazel(dot)de> wrote:
> > On 2022-06-25 00:08:13 +0200, Hannu Krosing wrote:
>
> > > 3) should this be back-patched (we can provide batches for all
> > > supported PgSQL versions)
> >
> > Err, what?
>
> Translation: Backpatching these changes to any stable versions will
> not be acceptable (per the project versioning policy [1]), since these
> changes would be considered new feature. These changes can break
> installations, if released in a minor version.
>
> [1]: https://www.postgresql.org/support/versioning/
>
> Best regards,
> Gurjeet
> http://Gurje.et

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message David G. Johnston 2022-06-25 00:08:17 Re: Hardening PostgreSQL via (optional) ban on local file system access
Previous Message Gurjeet Singh 2022-06-24 23:46:28 Re: Hardening PostgreSQL via (optional) ban on local file system access