Re: 8.4 release planning
От | Simon Riggs |
---|---|
Тема | Re: 8.4 release planning |
Дата | |
Msg-id | 1233076342.2327.2244.camel@ebony.2ndQuadrant обсуждение исходный текст |
Ответ на | Re: 8.4 release planning (Tom Lane <tgl@sss.pgh.pa.us>) |
Список | pgsql-hackers |
On Mon, 2009-01-26 at 22:55 -0500, Tom Lane wrote: > Even accepting such a restriction, there's too much code in > core Postgres to let anyone feel very good about keeping the core free > of security leaks I see what you're saying, but we're trying to pass certification, not provide security in all cases. The security policy & its implementation is part of the wall, so its straightforward to say "don't do those things". Since both backups and plugins are not typically managed by unprivileged users, that seems reasonable. (And anyway, they should be using PITR :-). I'd rather see it go in now. It needs to be audited, and it might fail. If we put it in 8.5 and it still fails, we'll be in 8.6, which is far, far away and we shouldn't expect NEC to fund such a long range mission. -- Simon Riggs www.2ndQuadrant.comPostgreSQL Training, Services and Support
В списке pgsql-hackers по дате отправления: