Subject: Re: Security information page
Date: Mon, 28 Nov 2005 20:56:58 +0100
Message-ID: <6BCB9D8A16AC4241919521715F4D8BCE92E8B6@algol.sollentuna.se>
Thread-Topic: [pgsql-www] Security information page
From: "Magnus Hagander"
To: "Tom Lane"
Cc: "Neil Conway", "Simon Riggs"

> >> Personally I think we shouldn't make the latter claim, anyway: for
> >> example, whether COALESCE(NULL, NULL) dumping core (fixed in 8.0.3)
> >> is a "security issue" is often in the eye of the beholder.
>
> > If we (the PGDG) believe that is a security issue, it should be on the
> > list. And it should be back-patched to other stable branches - has
> > this been done?
>
> 2005-04-10 16:57 tgl
>
>     * src/backend/optimizer/util/: clauses.c (REL7_4_STABLE), clauses.c
>     (REL8_0_STABLE), clauses.c: Make constant-folding produce sane
>     output for COALESCE(NULL,NULL), that is a plain NULL and not a
>     COALESCE with no inputs. Fixes crash reported by Michael
>     Williamson.
>
> It wasn't back-patched further because earlier versions don't
> have the bug.

Right. Added to the list.

> In general, I think we consider any potential server core
> dump to be a security issue, if it can be provoked by
> unprivileged users. Even if it's not exploitable in any
> other way, denial-of-service is still a security concern.

Seems like a good policy to me.

Anybody have anything else to add to the list?

//Magnus