Re: [HACKERS] proposal: schema variables
От | Fabien COELHO |
---|---|
Тема | Re: [HACKERS] proposal: schema variables |
Дата | |
Msg-id | alpine.DEB.2.21.1808231123050.31897@lancre обсуждение исходный текст |
Ответ на | Re: [HACKERS] proposal: schema variables (Pavel Stehule <pavel.stehule@gmail.com>) |
Ответы |
Re: [HACKERS] proposal: schema variables
|
Список | pgsql-hackers |
>> Security vs "good enough in some cases" looks bad to me. > > We don't find a agreement, because you are concentrated on transation, > me on session. And we have different expectations. I do not understand your point, as usual. I raise a factual issue about security, and you do not answer how this can be solved with your proposal, but appeal to argument of authority and declare your "strong opinion". I do not see any intrinsic opposition between having session objects and transactions. Nothing prevents a session object to be transactional beyond your willingness that it should not be. Now, I do expect all PostgreSQL features to be security-wise, whatever their scope. I do not think that security should be traded for "cheap & fast", esp as the sole use case for a feature is a security pattern that cannot be implemented securely with it. This appears to me as a huge contradiction, hence my opposition against this feature as proposed. The good news is that I'm a nobody: if a committer is happy with your patch, it will get committed, you do not need my approval. -- Fabien.
В списке pgsql-hackers по дате отправления: