Dave Page wrote:
>
>
> Keeping PostgreSQL as secure as possible out of the box pretty much
> requires us to do the same in my mind - if an major feature such as
> pl/pgsql is easy for the user to enable should they want it, then it
> should be disabled by default to minimise the number of attack vectors
> for all those users that do not want it.
I wonder if Oracle ever recommended disabling PL/SQL (not to mention MS
Transact-SQL)...
Regards,
Andreas