For the security minded: Nico Leidecker <[EMAIL PROTECTED]> posted this to bugtraq yesterday, fyi.
"I'd like to present a paper about security issues with PostgreSQL. The paper describes weaknesses in the configuration that may +allow attackers to escalade privileges, execute shell commands and to upload arbitrary (binary) files via SQL injections. You can either get the TXT version from http://www.leidecker.info/pgshell/Having_Fun_With_PostgreSQL.txt Or as PDF at at http://www.portcullis.co.uk/uplds/whitepapers/Having_Fun_With_PostgreSQL.pdf The paper comes with a tool called `pgshell' that can be downloaded at http://www.leidecker.info/pgshell"; ---------------------------(end of broadcast)--------------------------- TIP 6: explain analyze is your friend
