Re: W3C Specs: Web SQL
От | Charles Pritchard |
---|---|
Тема | Re: W3C Specs: Web SQL |
Дата | |
Msg-id | 4CD9AB8E.9090603@jumis.com обсуждение исходный текст |
Ответ на | Re: W3C Specs: Web SQL (Alvaro Herrera <alvherre@commandprompt.com>) |
Ответы |
Re: W3C Specs: Web SQL
(Jochem van Dieten <jochemd@gmail.com>)
Re: W3C Specs: Web SQL (tomas@tuxteam.de) |
Список | pgsql-hackers |
On 11/8/2010 4:47 PM, Alvaro Herrera wrote: > Excerpts from Charles Pritchard's message of lun nov 08 20:25:21 -0300 2010: >> On 11/8/2010 3:03 PM, Alvaro Herrera wrote: >>> Excerpts from Kevin Grittner's message of lun nov 08 19:30:54 -0300 2010: >>>> David Fetter<david@fetter.org> wrote: >>>>> That's not proof against a DoS >>>> What client API is? >>> This spec gives free rein into every web user's system to webmasters. >>> If this isn't terminally dangerous, I don't know what is. >> DoS is more-or-less the responsibility of the host to send up alerts like: >> "This page is hanging, do you want to continue..." or otherwise >> automatically close hanging queries. > I classify that kind of approach to security as "terminally dangerous", yes. > >> I don't believe the webmaster is granted free rein: >> Disk quotas are enforced, data is separated per origin, >> hanging processes are up to the implementer, and postgres has plenty of >> settings for that. > The day a privilege escalation is found and some webserver runs > "pg_read_file()" on your browser, will be a sad one indeed. > >> The default disk quota per origin is generally 5megs; beyond that, >> additional user interaction is requested. > So 5 megs to a.example.com, 5 megs to b.example.com, and so on? Sounds, > eh, great. > I don't think it's fair to assume a privilege escalation will be found: using that argument, no software should ever run on a client/server. That said, NaCl and PNaCl are under active development and I've no doubt that Postgres could be compiled by the tool set in the future. http://code.google.com/p/nativeclient/ Still, that's a diversion from the topic: Postgres can run on workstations, with an audience of browser-oriented implementations. Postgres is more stable than Sqlite for "enterprise-level" activity, hardened/enterprise browser distributions would choose Postgres over Sqlite for Web SQL implementations. I don't think it's fair to assume a privilege escalation will be found: using that argument, no software should ever run on a client/server. That said, NaCl and PNaCl are under active development and I've no doubt that Postgres could be compiled by the tool set in the future. http://code.google.com/p/nativeclient/ Still, that's a diversion from the topic: Postgres can run on workstations, with an audience of browser-oriented implementations. Postgres is more stable than Sqlite for "enterprise-level" activity, hardened/enterprise browser distributions would choose Postgres over Sqlite for Web SQL implementations. And as for the quota issues: that's really up to the browser vendor. It's completely out of spec here. And it's how the web currently works for hundreds of millions of users: it's not introducing a security issue, as it reflects the current state of security.
В списке pgsql-hackers по дате отправления: