Re: 8.4 release planning
From | Simon Riggs |
---|---|
Subject | Re: 8.4 release planning |
Date | |
Msg-id | 1233071882.2327.2191.camel@ebony.2ndQuadrant |
In reply to | Re: 8.4 release planning (Tom Lane <tgl@sss.pgh.pa.us>) |
Responses |
Re: 8.4 release planning
|
List | pgsql-hackers |
On Mon, 2009-01-26 at 22:55 -0500, Tom Lane wrote:

> Silently filtering out rows according to an arbitrary security policy
> can break a bunch of fundamental SQL semantics, the most obvious being
> foreign key constraints

That was exactly my reaction when I read the way it worked and I was ready to reject the patch as a result.

Bruce and KaiGai provided documents that discuss the problem and it's clearly a known issue in the security community. Specifically, it hasn't prevented Oracle from gaining security Certification and it shouldn't prevent us either. In the end it's the certification that matters here, rather than a general review of what database security is, or could be.

I've seen enough to be happy that KaiGai has done a thorough job on *attempting* to address the needs of the security people. Passing security audit is the real test and I won't be beating him up if we do miss slightly. We have to try, otherwise we'll never know.

My concerns are all about what it does to our code and the impacts of that. These are things we know how to check.

--
Simon Riggs www.2ndQuadrant.com
PostgreSQL Training, Services and Support