Dave Page wrote:
Keeping PostgreSQL as secure as possible out of the box pretty much
requires us to do the same in my mind - if an major feature such as
pl/pgsql is easy for the user to enable should they want it, then it
should be disabled by default to minimise the number of attack vectors
for all those users that do not want it.
I wonder if Oracle ever recommended disabling PL/SQL (not to mention MS
Transact-SQL)...
Regards,
Andreas
---------------------------(end of broadcast)---------------------------
TIP 3: Have you checked our extensive FAQ?
http://www.postgresql.org/docs/faq
