* Robert Haas (robertmh...@gmail.com) wrote: > 2010/6/7 KaiGai Kohei <kai...@ak.jp.nec.com>: > > Our headache is on functions categorized to middle-threat. It enables to > > leak the given arguments using error messages. Here are several ideas, > > but they have good and bad points. > > I think we are altogether off in the weeds here. We ought to start > with an implementation that pushes nothing down, and then try to > figure out how much we can relax that without too much compromising > security.
I agree with this- and it's more-or-less what I was trying to propose in
my previous comments. I'm not even sure we need to focus on not pushing
anything down at this point- I'd start with trying to get enough
information passed around/through the system to even *identify* the case
where there's a problem in the first place..
Thanks,
Stephen
signature.asc
Description: Digital signature
