Re: Having Fun With PostgreSQL
It would probably be fair to mention that dblink is not a product that
is installed by default in pg.
On Sat, Jun 16, 2007 at 07:11:47PM +0200, Nico Leidecker wrote:
> Dear list,
>
> I'd like to present a paper about security issues with PostgreSQL. The paper
> describes weaknesses in the configuration that may allow attackers to
> escalade privileges, execute shell commands and to upload arbitrary (binary)
> files via SQL injections.
>
> You can either get the TXT version from
> http://www.leidecker.info/pgshell/Having_Fun_With_PostgreSQL.txt
> Or as PDF at at
> http://www.portcullis.co.uk/uplds/whitepapers/Having_Fun_With_PostgreSQL.pdf
>
> The paper comes with a tool called `pgshell' that can be downloaded at
> http://www.leidecker.info/pgshell/
>
> Cheers,
> Nico
>
> _____________________________________________________________________
> Der WEB.DE SmartSurfer hilft bis zu 70% Ihrer Onlinekosten zu sparen!
> http://smartsurfer.web.de/?mc=100071&distributionid=000000000066
--
Lost time is when we learn nothing from the experiences of life. Time
gained is when we grow to have a wisdom that is tested in the reality of life.