Skip site navigation (1) Skip section navigation (2)

Re: [HACKERS] What about CREATE OR REPLACE FUNCTION?

From: Mike Mascari <mascarm(at)mascari(dot)com>
To: Christopher Kings-Lynne <chriskl(at)familyhealth(dot)com(dot)au>
Cc: Peter Eisentraut <peter_e(at)gmx(dot)net>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Jean-Michel POURE <jm(dot)poure(at)freesurf(dot)fr>, pgsql-hackers(at)postgresql(dot)org, Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>, pgadmin-hackers(at)postgresql(dot)org
Subject: Re: [HACKERS] What about CREATE OR REPLACE FUNCTION?
Date: 2001-10-10 06:16:11
Message-ID: 3BC3E7AB.7901A3F8@mascari.com (view raw or flat)
Thread:
Lists: pgadmin-hackerspgsql-hackers
Christopher Kings-Lynne wrote:
> 
> I seem to recall that Oracle has all sorts of fancy resource limits that can
> be applied to users.  If such resource limits were implemented, then maybe
> the DBA could have the power to limit someone to a maximum of 20% cpu and a
> few transactions per second or something.
> 
> Chris

I was hoping that after completing the current project I'm working
on I might be able to contribute this feature. Oracle calls them
PROFILEs which are a set of resource limits associated with a user.
They can limit:

No. of simultaneous connections
No. of blocks read per query
No. of blocks read per connection
CPU time per query
CPU time per connection
Idle time

as well as a few more esoteric others. I haven't looked at the new
system resource reporting system that Jan wrote, but I suspect some
of the statistics he gathers might already be available. Limiting
simultaneous connections by a user might take a little effort.
Limiting idle time might as well. Both have been a requested feature
in the past, but have pitfalls associated with them. But right now
denial of service for a user with database access is easy: soak up
all available connections. Like Jan's resource statistics collector,
Oracle's profiles must be enabled in the initSID.ora configuration
file since it takes a few cycles to actually account for user
activity.

Mike Mascari
mascarm(at)mascari(dot)com

> > Tom Lane writes:
> >
> > > I believe the primary reason why PL languages aren't installed by
> > > default is security considerations
> >
> > Well, that argumentation seems to be analogous to giving someone login
> > access on a multiuser computer system but not letting him execute, say,
> > perl because he might write recursive functions with it.  Such setups
> > exist (perhaps with something else instead of perl and recursive
> > functions) but they are not the norm and usually fine-tuned by the
> > administrator.
...
> > 
> > Peter Eisentraut   peter_e(at)gmx(dot)net   http://funkturm.homeip.net/~peter

In response to

pgsql-hackers by date

Next:From: Tatsuo IshiiDate: 2001-10-10 06:40:25
Subject: Encoding issues
Previous:From: Barry LindDate: 2001-10-10 04:32:33
Subject: Re: [HACKERS] TOAST and bytea JAVA

pgadmin-hackers by date

Next:From: Tatsuo IshiiDate: 2001-10-12 05:53:40
Subject: Re: [HACKERS] pg_client_encoding
Previous:From: Christopher Kings-LynneDate: 2001-10-10 01:57:10
Subject: Re: [HACKERS] What about CREATE OR REPLACE FUNCTION?

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group