Comments on old bug report in light of CVE-2018-1058

Поиск
Список
Период
Сортировка
От David G. Johnston
Тема Comments on old bug report in light of CVE-2018-1058
Дата
Msg-id CAKFQuwZ_wDHHAGPeZEtxkTxDdj0tbeE9J-sux6N=vxSPYJmw3g@mail.gmail.com
обсуждение исходный текст
Список pgsql-hackers
Дерево обсуждения
Hackers,

By happen-stance I recently came across an old bug report that I responded to, #13651 (circa 2015-09), and reading the commentary for CVE-2018-1058 made me think about it in a different light.  While no one added to my responses back then I'm thinking it would be worthwhile if one or more persons with more experience than myself would skim over the thread and make a judgement as to whether there is anything worth addressing.

The thread ends up being a bit more broad than just what the subject line implies.

BUG #13651: trigger security invoker attack

https://www.postgresql.org/message-id/flat/20150929115737.1448.91255%40wrigleys.postgresql.org#20150929115737.1448.91255@wrigleys.postgresql.org

Thanks!

David J.

В списке pgsql-hackers по дате отправления:

Предыдущее
От: Alexander Kuzmenkov
Дата:
Сообщение: Re: [patch] BUG #15005: ANALYZE can make pg_class.reltuplesinaccurate.
Следующее
От: David Steele
Дата:
Сообщение: Re: Reduce amount of WAL generated by CREATE INDEX for gist, gin andsp-gist