Re: [GENERAL] PostgreSQL 7.2.2: Security Release
Neil Conway <neilc@samurai.com>
From: Neil Conway <neilc@samurai.com>
To: Bruce Momjian <pgman@candle.pha.pa.us>
Cc: Neil Conway <neilc@samurai.com>, "Marc G. Fournier" <scrappy@hub.org>, PostgreSQL Hackers <pgsql-hackers@postgresql.org>
Date: 2002-08-24T04:47:16Z
Lists: pgsql-hackers, pgsql-general
Bruce Momjian <pgman@candle.pha.pa.us> writes: > The issue is data-provoked crashes vs. query-invoked crashes. Marc's > point, and I think it was clear enough, is that you can't just poke at > the TCP port and hope to do anything bad, which was the thrust of the > argument, I think. The point I objected to is the suggestion that only those running "shared" or "open" systems are vulnerable to the security problem. That is simply incorrect. Cheers, Neil -- Neil Conway <neilc@samurai.com> || PGP Key ID: DB3C29FC