Re: DoS Vulnerability

Поиск
Список
Период
Сортировка
От David G. Johnston
Тема Re: DoS Vulnerability
Дата
Msg-id CAKFQuwYnfsEKL1=M+LROeXTRRTC7EpLhyNP3ekizOHiiwq7GiA@mail.gmail.com
обсуждение исходный текст
Ответ на DoS Vulnerability  (emad al-mousa <emadalmousa2002@yahoo.com>)
Список pgsql-bugs
Дерево обсуждения
On Tue, May 14, 2024, 10:12 emad al-mousa <emadalmousa2002@yahoo.com> wrote:

keeping connect permission by default granted to PUBLIC in PostgreSQL is opening a wide security hole that shouldn't exist in the first.

This isn't a bug nor a security issue, but I do concur that we should remove these defaults.  We've successfully (without being questioned why by users) done both public schema and createrole attribute changes in the past couple of years and this seems like a natural progression of secure defaults.


David J.

В списке pgsql-bugs по дате отправления:

Предыдущее
От: Tom Lane
Дата:
Сообщение: Re: BUG #18463: Possible bug in stored procedures with polymorphic OUT parameters
Следующее
От: Tom Lane
Дата:
Сообщение: Re: BUG #18463: Possible bug in stored procedures with polymorphic OUT parameters