From: | "A(dot)M(dot)" <agentm(at)themactionfaction(dot)com> |
---|---|
To: | pgsql-general(at)postgresql(dot)org |
Subject: | Re: OT - pg perl DBI question |
Date: | 2008-01-29 20:16:41 |
Message-ID: | 043FA16D-3FE9-4A04-B1F8-FFD41D43AA44@themactionfaction.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
On Jan 29, 2008, at 2:36 PM, Andrew Sullivan wrote:
> On Tue, Jan 29, 2008 at 01:56:35PM -0500, A.M. wrote:
>> The postgresql from eight years ago is also quite rusty.
>
> No, it's not, which is my point. If you don't need any of the
> features you
> mention, and are aware of the limitations, there's nothing wrong with
> using it. The v2 protocol works, for instance, and for some
> applications
> there's nothing wrong with it.
>
> I wouldn't start a large project using Pg.pm right now, for sure,
> but I
> think dismissing code you don't use on the basis that it's old is just
> silly. The reason we say "upgrade your postgresql" is not because
> it's old,
> but because there are _known_ bugs in it, and those bugs eat data.
>
...and Pg.pm includes a serious security hole in the form of non-
existent query escaping which will never be fixed. Are we really
discussing the semantics of "rust"?
-M
From | Date | Subject | |
---|---|---|---|
Next Message | Bruce Momjian | 2008-01-29 20:22:59 | Re: PGCon vs Postgresql Conference |
Previous Message | Michael Fuhr | 2008-01-29 19:48:52 | Re: Analyze Explanation |