Re: [HACKERS] proposal: schema variables
От | Nico Williams |
---|---|
Тема | Re: [HACKERS] proposal: schema variables |
Дата | |
Msg-id | 20171102153505.GP4496@localhost обсуждение исходный текст |
Ответ на | Re: [HACKERS] proposal: schema variables (Robert Haas <robertmhaas@gmail.com>) |
Ответы |
Re: [HACKERS] proposal: schema variables
Re: [HACKERS] proposal: schema variables Re: [HACKERS] proposal: schema variables |
Список | pgsql-hackers |
On Thu, Nov 02, 2017 at 06:05:54PM +0530, Robert Haas wrote: > On Thu, Oct 26, 2017 at 12:51 PM, Pavel Stehule <pavel.stehule@gmail.com> wrote: > > The variables can be modified by SQL command SET (this is taken from > > standard, and it natural) > > > > SET varname = expression; > > Overloading SET to handle both variables and GUCs seems likely to > create problems, possibly including security problems. For example, > maybe a security-definer function could leave behind variables to > trick the calling code into failing to set GUCs that it intended to > set. Or maybe creating a variable at the wrong time will just break > things randomly. That's already true of GUCs, since there are no access controls on set_config()/current_setting(). Presumably "schema variables" would really just be GUC-like and not at all like lexically scoped variables. And also subject to access controls, thus an overall improvement on set_config()/current_setting(). With access controls, GUCs could become schema variables, and settings from postgresql.conf could move into the database itself (which I think would be nice). Nico -- -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
В списке pgsql-hackers по дате отправления: