On 6/18/07, Ray Stell <stellr@cns.vt.edu> wrote:
> On Mon, Jun 18, 2007 at 11:24:45AM +0200, Dawid Kuroczko wrote:
> > On 6/17/07, Ray Stell <stellr@cns.vt.edu> wrote:
> > >Or as PDF at at
> > >http://www.portcullis.co.uk/uplds/whitepapers/Having_Fun_With_PostgreSQL.pdf
> >
> > Anyhow it's good to know that most vulnerabilities in PostgreSQL require
> > superuser privilege. :-)
>
> To me the most significant thing here is that the security community is kicking
> the tires. That can be a very good thing.
Hmm, I can see your point. Its good that we can dismiss most arguments
saying that 'it requires superuser', and yet if they find any real problems
(like search_path stuff), the sooner the better for us.
Regards,
Dawid