On 6/18/07, Ray Stell <stellr@xxxxxxxxxx> wrote:
On Mon, Jun 18, 2007 at 11:24:45AM +0200, Dawid Kuroczko wrote:
> On 6/17/07, Ray Stell <stellr@xxxxxxxxxx> wrote:
> >Or as PDF at at
> >http://www.portcullis.co.uk/uplds/whitepapers/Having_Fun_With_PostgreSQL.pdf
>
> Anyhow it's good to know that most vulnerabilities in PostgreSQL require
> superuser privilege. :-)
To me the most significant thing here is that the security community is kicking
the tires. That can be a very good thing.
Hmm, I can see your point. Its good that we can dismiss most arguments
saying that 'it requires superuser', and yet if they find any real problems
(like search_path stuff), the sooner the better for us.
Regards,
Dawid
