Quick Links

Re: Referential integrity vulnerability in 8.3.3

From:	Richard Huxton <dev(at)archonet(dot)com>
To:	Sergey Konoplev <gray(dot)ru(at)gmail(dot)com>
Cc:	pgsql-general(at)postgresql(dot)org
Subject:	Re: Referential integrity vulnerability in 8.3.3
Date:	2008-07-15 13:19:41
Message-ID:	487CA3ED.7060005@archonet.com
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-general

Sergey Konoplev wrote:
> Yes it is. But it the way to break integrity cos rows from table2
> still refer to deleted rows from table1. So it conflicts with
> ideology isn't it?

Yes, but I'm not sure you could have a sensible behaviour-modifying
BEFORE trigger without this loophole. Don't forget, ordinary users can't
work around this - you need suitable permissions.

You could rewrite PG's foreign-key code to check the referencing table
after the delete is supposed to have taken place, and make sure it has.
That's going to halve the speed of all your foreign-key checks though.

--
Richard Huxton
Archonet Ltd

In response to

Re: Referential integrity vulnerability in 8.3.3 at 2008-07-15 12:28:06 from Sergey Konoplev

Responses

Re: Referential integrity vulnerability in 8.3.3 at 2008-07-15 14:02:27 from Sergey Konoplev
Re: Referential integrity vulnerability in 8.3.3 at 2008-08-14 09:14:25 from Joris Dobbelsteen

Browse pgsql-general by date

	From	Date	Subject
Next Message	Morten Barklund	2008-07-15 13:30:16	Re: Unicode database on non-unicode operating system
Previous Message	Peter Eisentraut	2008-07-15 12:32:55	Re: Unicode database on non-unicode operating system