On 11/8/2010 7:55 AM, Alvaro Herrera wrote:
> Excerpts from Charles Pritchard's message of Sat Nov 06 23:20:13 -0300 2010:
>
>> Simple async sql sub-set (the spec in trouble):
>> http://dev.w3.org/html5/webdatabase/
> This is insane. This spec allows the server to run arbitrary SQL
> commands on the client, AFAICT. That seems like infinite joy for
> malicious people running webservers. The more powerful the dialect of
> SQL the client implements, the more dangerous it is.

Because of a lack of "interested implementers", the spec does not put
forward a standard dialect/subset. It simply uses SQLite.

Obviously, access should be restricted per the security section: a given
domain may only run commands that modify its own database.

Remember, this is client-side, with respect to "implementations". Each
domain (origin) would behave as its own unique user with its own unique
database (or namespace).

That said, there are a few server-side JS apps around, and they're
certainly more agile than browser vendors: the "openDatabase" command
does not encompass credentials for multi-user situations in SSJS [again,
because it's glued to the origin, on client-side].

With Postgres' current security options, I don't see that being a
difficult issue.
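
The per-origin model discussed in this message, as an added sketch that is not part of the original thread or of any browser's code: each origin gets its own SQLite database, and an authorizer callback refuses statements that could reach outside it. `OriginStore`, `run_untrusted`, the deny list and the `*.example` origins are assumptions made for illustration.

```python
import sqlite3
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}
# Assumed deny list: statements that reach other database files
# (ATTACH/DETACH) or change engine settings (PRAGMA).
DENIED_ACTIONS = {sqlite3.SQLITE_ATTACH, sqlite3.SQLITE_DETACH, sqlite3.SQLITE_PRAGMA}

def origin_of(url):
    """Return the (scheme, host, port) tuple that identifies an origin."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    port = parts.port or DEFAULT_PORTS.get(scheme)
    if not parts.hostname or port is None:
        raise ValueError("URL has no usable origin: %r" % url)
    return (scheme, parts.hostname.lower(), port)

def _authorizer(action, arg1, arg2, db_name, source):
    # Called by SQLite while compiling each statement.
    return sqlite3.SQLITE_DENY if action in DENIED_ACTIONS else sqlite3.SQLITE_OK

class OriginStore:
    """Hypothetical client-side store: one private SQLite database per origin."""
    def __init__(self):
        self._dbs = {}

    def open_database(self, page_url):
        origin = origin_of(page_url)
        if origin not in self._dbs:
            conn = sqlite3.connect(":memory:")  # separate database per connection
            conn.set_authorizer(_authorizer)
            self._dbs[origin] = conn
        return self._dbs[origin]

def run_untrusted(conn, sql, params=()):
    """Run page-supplied SQL; return rows, or None if it was denied or failed."""
    try:
        return conn.execute(sql, params).fetchall()
    except sqlite3.DatabaseError:
        return None

if __name__ == "__main__":
    store = OriginStore()
    a = store.open_database("https://a.example/app")  # constructed origins
    b = store.open_database("https://b.example/app")
    run_untrusted(a, "CREATE TABLE notes (body TEXT)")
    print(run_untrusted(b, "SELECT body FROM notes"))
    print(run_untrusted(b, "ATTACH DATABASE ':memory:' AS other"))
```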