Tom Lane wrote: > The underlying C-level get_raw_page function is still there, but > it now expects three arguments not two, and will crash if it's > passed an int4 where it's expecting a text argument. But the old > function definition will migrate without error --- there's no way > for pg_migrator to realize it's installing a security hazard.
FYI, there is nothing pg_migrator specific here. Someone doing a dump/reload from 8.3 to 8.4 would have the same security issue. pg_migrator is using the same pg_dump output as a dump restore, except it uses --schema. pg_migrator would actually be more secure because it will exit on the restore error rather than having the error possibly ignored by the user. -- Bruce Momjian <br...@momjian.us> http://momjian.us EnterpriseDB http://enterprisedb.com + If your life is a hard drive, Christ can be your backup. + -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers