mirror of
https://github.com/postgres/postgres.git
synced 2025-07-30 11:03:19 +03:00
Add:
> * Prevent malicious functions from being executed with the permissions > of unsuspecting users > > Index functions are safe, so VACUUM and ANALYZE are safe too. > Triggers, CHECK and DEFAULT expressions, and rules are still vulnerable. > http://archives.postgresql.org/pgsql-hackers/2008-01/msg00268.php
This commit is contained in:
Bruce Momjian
22
doc/TODO
22
doc/TODO
@ -1,7 +1,7 @@
|
||||
PostgreSQL TODO List
|
||||
====================
|
||||
Current maintainer: Bruce Momjian (bruce@momjian.us)
|
||||
Last updated: Wed Mar 5 22:22:28 EST 2008
|
||||
Last updated: Thu Mar 6 12:19:28 EST 2008
|
||||
|
||||
The most recent version of this document can be viewed at
|
||||
http://www.postgresql.org/docs/faqs.TODO.html.
|
||||
@ -151,8 +151,6 @@ Administration
|
||||
http://archives.postgresql.org/pgsql-hackers/2006-12/msg00497.php
|
||||
|
||||
|
||||
|
||||
|
||||
Data Types
|
||||
==========
|
||||
|
||||
@ -307,7 +305,6 @@ Data Types
|
||||
* Allow MONEY to be easily cast to/from other numeric data types
|
||||
|
||||
|
||||
|
||||
Functions
|
||||
=========
|
||||
|
||||
@ -370,6 +367,12 @@ Functions
|
||||
|
||||
http://archives.postgresql.org/pgsql-patches/2007-08/msg00012.php
|
||||
|
||||
* Prevent malicious functions from being executed with the permissions
|
||||
of unsuspecting users
|
||||
|
||||
Index functions are safe, so VACUUM and ANALYZE are safe too.
|
||||
Triggers, CHECK and DEFAULT expressions, and rules are still vulnerable.
|
||||
http://archives.postgresql.org/pgsql-hackers/2008-01/msg00268.php
|
||||
|
||||
|
||||
Multi-Language Support
|
||||
@ -412,7 +415,6 @@ Multi-Language Support
|
||||
|
||||
Currently client_encoding is set in postgresql.conf, which
|
||||
defaults to the server encoding.
|
||||
|
||||
http://archives.postgresql.org/pgsql-hackers/2006-08/msg01696.php
|
||||
|
||||
|
||||
@ -740,6 +742,7 @@ Referential Integrity
|
||||
http://archives.postgresql.org/pgsql-hackers/2006-09/msg01458.php
|
||||
|
||||
|
||||
|
||||
Server-Side Languages
|
||||
=====================
|
||||
|
||||
@ -788,6 +791,7 @@ Server-Side Languages
|
||||
http://archives.postgresql.org/pgsql-hackers/2007-05/msg00289.php
|
||||
|
||||
|
||||
|
||||
Clients
|
||||
=======
|
||||
|
||||
@ -929,6 +933,8 @@ Clients
|
||||
|
||||
http://archives.postgresql.org/pgsql-hackers/2007-03/msg01803.php
|
||||
|
||||
|
||||
|
||||
Triggers
|
||||
========
|
||||
|
||||
@ -1072,6 +1078,7 @@ Fsync
|
||||
* Add program to test if fsync has a delay compared to non-fsync
|
||||
|
||||
|
||||
|
||||
Cache Usage
|
||||
===========
|
||||
|
||||
@ -1131,7 +1138,6 @@ Cache Usage
|
||||
|
||||
|
||||
|
||||
|
||||
Vacuum
|
||||
======
|
||||
|
||||
@ -1188,6 +1194,7 @@ Vacuum
|
||||
http://archives.postgresql.org/pgsql-general/2007-06/msg01645.php
|
||||
|
||||
|
||||
|
||||
Locking
|
||||
=======
|
||||
|
||||
@ -1220,6 +1227,7 @@ Locking
|
||||
|
||||
|
||||
|
||||
|
||||
Startup Time Improvements
|
||||
=========================
|
||||
|
||||
@ -1232,6 +1240,7 @@ Startup Time Improvements
|
||||
a single session using multiple threads to execute a statement faster.
|
||||
|
||||
|
||||
|
||||
Write-Ahead Log
|
||||
===============
|
||||
|
||||
@ -1388,6 +1397,7 @@ Miscellaneous Performance
|
||||
concurrent reads from multiple devices in a partitioned table.
|
||||
|
||||
|
||||
|
||||
Source Code
|
||||
===========
|
||||
|
||||
|
||||
Reference in New Issue
Block a user