For the security minded: Nico Leidecker <nicoLeidecker@xxxxxx> posted this to bugtraq yesterday, fyi. "I'd like to present a paper about security issues with PostgreSQL. The paper describes weaknesses in the configuration that may +allow attackers to escalade privileges, execute shell commands and to upload arbitrary (binary) files via SQL injections. You can either get the TXT version from http://www.leidecker.info/pgshell/Having_Fun_With_PostgreSQL.txt Or as PDF at at http://www.portcullis.co.uk/uplds/whitepapers/Having_Fun_With_PostgreSQL.pdf The paper comes with a tool called `pgshell' that can be downloaded at http://www.leidecker.info/pgshell";
