Re: 8.4 release planning
| От | Tom Lane |
|---|---|
| Тема | Re: 8.4 release planning |
| Дата | |
| Msg-id | 16347.1233073578@sss.pgh.pa.us обсуждение |
| Ответ на | Re: 8.4 release planning (Simon Riggs <simon@2ndQuadrant.com>) |
| Ответы |
Re: 8.4 release planning
Re: 8.4 release planning |
| Список | pgsql-hackers |
Simon Riggs <simon@2ndQuadrant.com> writes:
> On Mon, 2009-01-26 at 22:55 -0500, Tom Lane wrote:
>> Silently filtering out rows according to an arbitrary security policy
>> can break a bunch of fundamental SQL semantics, the most obvious being
>> foreign key constraints
> That was exactly my reaction when I read the way it worked and I was
> ready to reject the patch as a result. Bruce and KaiGai provided
> documents that discuss the problem and it's a clearly a known issue in
> the security community. Specifically, it hasn't prevented Oracle from
> gaining security Certification and it shouldn't prevent us either. In
> the end it's the certification that matters here, rather than a general
> review of what database security is, or could be.
Yeah, people like certification, but they also like products that work.
Did you stop reading before getting to my non-security-based complaints?
regards, tom lane
В списке pgsql-hackers по дате отправления: