On Thu, Dec 30, 2010 at 9:49 AM, Florian Pflug <fgp@phlo.org> wrote:
> On Dec30, 2010, at 13:31 , Joachim Wieland wrote:
>> We return snapshot information as a chunk of data to the client. At
>> the same time however, we set a checksum in shared memory to protect
>> against modification of the snapshot. A publishing backend can revoke
>> its snapshot by deleting the checksum and a backend that is asked to
>> install a snapshot can verify that the snapshot is correct and current
>> by calculating the checksum and comparing it with the one in shared
>> memory.
>
> We'd still have to stream these checksums to the standbys though,
> or would they be exempt from the checksum checks?
I am not talking about having synchronized snapshots among standby
servers at all.
I am only proposing a client API that will work for this future idea as well.
> I still wonder whether these checks are worth the complexity. I
> believe we'd only allow snapshot modifications for read-only queries
> anyway, so what point is there in preventing clients from setting
> broken snapshots?
What's the use case for it? As soon as nobody comes up with a
reasonable use case for it, let's aim for the robust version.
Joachim