19 lines
No EOL
865 B
Markdown
19 lines
No EOL
865 B
Markdown
# Security Policy
|
|
|
|
I am not responsible. Use it at own risk.
|
|
|
|
## Vulnerability Definition
|
|
|
|
Please be aware that this script is intended to be run by administrators,
|
|
who already generally already have privileged access to the machines on
|
|
which the script is running. Therefore, an example vulnerability that
|
|
uses an unusual set of characters in a password (see #20) to make the
|
|
script not run or to return bizarre results is not considered a meaningful
|
|
vulnerability, since the administrator presumably wouldn't use such a
|
|
password in the first place.
|
|
|
|
Conversely, however, an example vulnerability that allowed someone with
|
|
`Create_priv` to create a schema with a special name that triggers arbitrary
|
|
code execution in the context of the user running this script when the script
|
|
is invoked is clearly a vulnerability, and will be addressed with the utmost
|
|
urgency. |