Re: 8.4 release planning
Tom Lane <tgl@sss.pgh.pa.us>
From: Tom Lane <tgl@sss.pgh.pa.us>
To: Simon Riggs <simon@2ndQuadrant.com>
Cc: Joshua Brindle <method@manicmethod.com>, Ron Mayer <rm_pg@cheapcomplexdevices.com>, Josh Berkus <josh@agliodbs.com>, "Joshua D. Drake" <jd@commandprompt.com>, Robert Haas <robertmhaas@gmail.com>, Merlin Moncure <mmoncure@gmail.com>, "Jonah H. Harris" <jonah.harris@gmail.com>, Gregory Stark <stark@enterprisedb.com>, Bruce Momjian <bruce@momjian.us>, Bernd Helmle <mailings@oopsware.de>, Peter Eisentraut <peter_e@gmx.net>, pgsql-hackers@postgresql.org
Date: 2009-01-27T16:26:18Z
Lists: pgsql-hackers
Simon Riggs <simon@2ndQuadrant.com> writes: > On Mon, 2009-01-26 at 22:55 -0500, Tom Lane wrote: >> Silently filtering out rows according to an arbitrary security policy >> can break a bunch of fundamental SQL semantics, the most obvious being >> foreign key constraints > That was exactly my reaction when I read the way it worked and I was > ready to reject the patch as a result. Bruce and KaiGai provided > documents that discuss the problem and it's a clearly a known issue in > the security community. Specifically, it hasn't prevented Oracle from > gaining security Certification and it shouldn't prevent us either. In > the end it's the certification that matters here, rather than a general > review of what database security is, or could be. Yeah, people like certification, but they also like products that work. Did you stop reading before getting to my non-security-based complaints? regards, tom lane