On Mon, Aug 19, 2013 at 11:44:36PM +0200, Dimitri Fontaine wrote:
Bruce Momjian <bruce@momjian.us> writes:
That's pretty vague. Exactly what does "keys to the kingdom" mean? If
it means you can do anything to the database, you are right. If it
means executing arbitrary code, including arbitrary kernel calls, I
would like to hear how that is done.
You've now heard about one way to do that in an off-list email, so that
it's not in our public archives for any malicious user to find it.
Yes, agreed. FYI, the method I listed above is public and was
discovered on an exploit website.

--
   Bruce Momjian <bruce@momjian.us> http://momjian.us
   EnterpriseDB http://enterprisedb.com

   + It's impossible for everything to be true. +

Search Discussions

Discussion Posts

Previous

Related Discussions

Discussion Navigation
viewthread | post
posts ‹ prev | 14 of 14 | next ›
Discussion Overview
grouppgsql-hackers @
categoriespostgresql
postedAug 17, '13 at 9:53p
activeAug 19, '13 at 11:42p
posts14
users7
websitepostgresql.org...
irc#postgresql

People

Translate

site design / logo © 2017 Grokbase