Grokbase Groups PostgreSQL pgsql-hackers February 2010
FAQ

On Wed, Feb 3, 2010 at 10:21 AM, Tom Lane wrote:
Robert Haas <robertmhaas@gmail.com> writes:
Should we think about adding a GUC to disable renegotiation until this
blows over?
Bad idea: once set, it'll never get unset, thus leaving installations
with a weakened security posture even after they've installed fixed
versions of openssl.
That's a problem, but our current posture of holding our breath
doesn't seem to be working either. If we insist on shipping code that
doesn't work with currently-distributed versions of OpenSSL, people
will do things like, say, shut SSL off. Or packagers of PostgreSQL
will apply patches that disable it unconditionally, leaving us with no
control.

...Robert

Search Discussions

Discussion Posts

Previous

Follow ups

Related Discussions

Discussion Navigation
viewthread | post
posts ‹ prev | 6 of 42 | next ›
Discussion Overview
grouppgsql-hackers @
categoriespostgresql
postedFeb 3, '10 at 11:25a
activeFeb 25, '10 at 3:10p
posts42
users12
websitepostgresql.org...
irc#postgresql

12 users in discussion

Tom Lane: 12 posts Magnus Hagander: 11 posts Chris Campbell: 4 posts Joshua D. Drake: 3 posts Robert Haas: 3 posts Michael Ledford: 2 posts Bruce Momjian: 2 posts Stefan Kaltenbrunner: 1 post Heikki Linnakangas: 1 post Alvaro Herrera: 1 post Dave Page: 1 post Albe Laurenz: 1 post

Content

People

Support

Translate

site design / logo © 2022 Grokbase