Re: [SECURITY] DoS attack on backend possible
Florian Weimer <weimer@cert.uni-stuttgart.de>
From: Florian Weimer <Weimer@CERT.Uni-Stuttgart.DE>
To: Justin Clift <justin@postgresql.org>
Cc: pgsql-hackers@postgresql.org
Date: 2002-08-19T17:14:18Z
Lists: pgsql-hackers
Justin Clift <justin@postgresql.org> writes: > You guys *definitely* write scarey code. Yes, indeed. My code has a lot of unnecessary and error-prone input validation checks because I don't trust the PostgreSQL parser. That's scary. You don't trust your database that it processes a simple text string, yet you still believe that it keeps all the data you store, although this involves much more complex data structures and algorithms. What a strange asymmetry! -- Florian Weimer Weimer@CERT.Uni-Stuttgart.DE University of Stuttgart http://CERT.Uni-Stuttgart.DE/people/fw/ RUS-CERT fax +49-711-685-5898