| From: | JanWieck(at)t-online(dot)de (Jan Wieck) |
|---|---|
| To: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
| Cc: | Jan Wieck <JanWieck(at)Yahoo(dot)com>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Oliver Elphick <olly(at)lfix(dot)co(dot)uk>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Big 7.1 open items |
| Date: | 2000-06-15 04:15:22 |
| Message-ID: | 200006150415.GAA08753@hot.jw.home |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers pgsql-patches |
Bruce Momjian wrote:
> >
> > DESCRIBE TABLE/VIEW/whatnot <object-name>
> >
> > that returns the physical location and storage details of the
> > object. And psql could use it to print this info additional
> > on the \d commands. Would give unprivileged users access to
> > this info, so be it, it's not a security issue IMHO.
>
> You need something that works from the command line, and something that
> works if PostgreSQL is not running. How would you restore one file from
> a tape. I guess you could bring back the whole thing, then do the
> query, and move the proper table file back in, but that is a pain.
Think you messed up some basics of PG here.
It's totally useless to restore single files of a PostgreSQL
database. You could either put back anything below ./data, or
nothing - the reason is pg_log.
You don't need something that work's if PostgreSQL is not
running. You cannot restore ONE file from a tape! You can
restore a PostgreSQL instance (only a complete one - not a
single DB, nor a single table or any other object). While
your backup is writing to the tape, each number of backends
could concurrently modify single blocks of the heap, it's
indices and pg_log. So what does the tape contain the?
I'd like to ask you, are you sure the backups you're making
are worth the power consumption of the tape drive? You're
talking about restoring a file - and sould be aware of the
fact, that any file based backup would never be able to get
consistent snapshot of the database, like pg_dump is able to.
As long as you don't take the postmaster down during the
entire saving of ./data, you aren't in a safe position. And
the only safe RESTORE is to restore ./data completely or
nothing. It's not even (easily) possible to initdb and
restore a single DB from tape (it is, but requires some deep
knowledge and more than just restoring some files from tape).
YOU REALLY DON'T NEED ANY FILENAMES IN THERE!
The more I think about it, the more I feel these file names,
easily associatable with the objects they represent, are more
dangerous than useful in practice. Maybe we should obfuscate
the entire ./data like Oracle does with it's tablespace
files. Just that our tablespaces will be directories,
containing totally cryptic named files.
Jan
--
#======================================================================#
# It's easier to get forgiveness for being wrong than for being right. #
# Let's break this rule - forgive me. #
#================================================== JanWieck(at)Yahoo(dot)com #
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jan Wieck | 2000-06-15 04:20:21 | Re: Big 7.1 open items |
| Previous Message | Tom Lane | 2000-06-15 03:42:45 | Re: input/output functions have been changed ? |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jan Wieck | 2000-06-15 04:20:21 | Re: Big 7.1 open items |
| Previous Message | Bruce Momjian | 2000-06-15 03:21:15 | Re: Big 7.1 open items |