-----Original Message-----
From: [EMAIL PROTECTED] on behalf of Steve Atkins
Sent: Sun 7/31/2005 5:35 AM
To: PostgreSQL-development
Subject: Re: [HACKERS] Remote administration functionality
> So, while I can see the attraction of being able to futz with the
> database security configuration through a PHP web interface running on
> an unpatched Apache build somewhere out on the open internet (and
> would like to be able to do so myself, sometimes) I'd really, really
> like to see the ability to disable as much of this at compile time as
> is convenient.
Yes, Tom expressed a similar concern and suggested he would be happy with a GUC
to disable potentially dangerous functions (which we could later extend to
other features like untrusted PLs). This GUC was added to the patch by Magnus
yesterday and would allow you to secure your system from attacks via the new
functions in an insecure environment.
Regards, Dave.
---------------------------(end of broadcast)---------------------------
TIP 3: Have you checked our extensive FAQ?
http://www.postgresql.org/docs/faq
