On Thu, Dec 1, 2016 at 4:33 PM, Tom Lane <t...@sss.pgh.pa.us> wrote: > Robert Haas <robertmh...@gmail.com> writes: >> On Wed, Nov 30, 2016 at 1:50 PM, Greg Stark <st...@mit.edu> wrote: >>> I can't say I feel especially strongly either way on this but just to >>> toss out a small thing that might make a small difference.... >>> >>> If you happen to know how your message-ids are generated then you >>> might be able to do something useful with them. For instance, you >>> could search all git commits for urls to messages you wrote -- for >>> instance any commit that has CAB7nPq is referencing a message written >>> by Michael Paquier. >>> >>> On the other hand you could put something naughty in the message-id >>> forcing everyone else to use URLs with dirty words in them. Or with >>> words like "terrorist" in them. Or with some javascript/html injection >>> attack of some sort... > >> ...or the name of your company/your email hosting provider's company... > > I think this is a straw man. We've already decided to use message-IDs > as the basic identity of messages for this purpose; other proposals > were considered before and rejected as too inconvenient. > > When and if somebody tries to game that, we can do something about it, > but I'm not very worried. It's not like it's not trivial to get your > company's name, or $badword of your choice, into the archives already. > The former is more or less standard practice, in fact, as per this > very message:
Sure, of course. But it's a bit different when it's in the commit log. -- Robert Haas EnterpriseDB: http://www.enterprisedb.com The Enterprise PostgreSQL Company -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers