Re: Possible make_oidjoins_check Security Issue

Tom Lane <tgl@sss.pgh.pa.us>

From: Tom Lane <tgl@sss.pgh.pa.us>
To: Andrew Dunstan <andrew@dunslane.net>
Cc: Neil Conway <neilc@samurai.com>, Rod Taylor <pg@rbt.ca>, PostgreSQL Development <pgsql-hackers@postgresql.org>
Date: 2004-10-20T14:38:25Z
Lists: pgsql-hackers
Andrew Dunstan <andrew@dunslane.net> writes:
> Tom Lane wrote:
>> I suspect that no one on the planet
>> except Bruce and myself have ever actually run this script.

> Then why don't we just remove it? Problem solved ...

Because it's a needed maintenance tool.  There isn't any particularly
good reason for it to get installed as though it were an interesting
program for users, though, so I think that this is mostly a matter of
poor packaging choices.  I am in fact intending to remove the
contrib/findoidjoins files from the set of stuff installed by Red Hat's
RPMs.

I suppose you could make an argument for moving this directory out of
contrib and putting it under src/tools instead, but that seems like more
work (and loss of CVS history) than it's worth.

			regards, tom lane