Re: Stuff for 2.4.1

From: Federico Di Gregorio <federico(dot)digregorio(at)dndg(dot)it>
To: psycopg(at)postgresql(dot)org
Subject: Re: Stuff for 2.4.1
Date: 2011-03-28 07:11:10
Message-ID: 4D90348E.3080106@dndg.it
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: psycopg

On 27/03/11 19:23, David Blewett wrote:
> On Sun, Mar 27, 2011 at 9:46 AM, Daniele Varrazzo
> <daniele(dot)varrazzo(at)gmail(dot)com> wrote:
>> > On Sun, Mar 27, 2011 at 12:51 PM, Harald Armin Massa
>> > <harald(at)2ndquadrant(dot)com> wrote:
>>> >> Are you really sure that psycopg2 should go the road of having own
>>> >> parsers in addition to libpq-s routines? As much as I am happy about
>>> >> the robustness when having other libpqs, and about the performance
>>> >> benefit, as much I fear to have some new areas for possible bugs -
>>> >> especially security-relevant things like SQL-injections.
>> >
>> > The will to stick as much as possible to the libpq functions has been
>> > the reason I had not written the above parser before (releasing
>> > 2.4.0). Unfortunately the bytea problem has proven trickier to handle
>> > for many psycopg users. I've changed my mind as I think psycopg has
>> > the responsibility to provide a set of feature in a robust way, and if
>> > the libpq is just not reliable for bytea parsing (for me the hex
>> > format should have been backported to the the client libraries of the
>> > previous versions) I think we have to provide a solution, not just to
>> > propagate the problem.
> I think I agree with Harald here. In my opinion, this shouldn't be
> done at the driver level. There never has been a guarantee from the
> database side that applications compiled against older libpq will be
> able to communicate with newer versions. Emulating this in the driver
> only propagates this mis-conception. What has been the problem in the
> past? Maybe the documentation should be improved so that people are
> sure to build against the appropriate version of libpq for the version
> of the server they intend to communicate with?

What Daniele did is fine:

1) There is no security problem, because the code only work in the
database->user direction.

2) Allows communication with different combinations of backend/libpq
versions without adding the overhead of extra quesries when
establishing the connection (i.e., it just works and this is
very important for the user).

Also, while I am writing very few new code I am reviewing everything and
I am confident to say that psycopg is much safe now than 2 years ago
when I was the only developer.

federico

--
Federico Di Gregorio federico(dot)digregorio(at)dndg(dot)it
Studio Associato Di Nunzio e Di Gregorio http://dndg.it
When people say things are a lot more complicated than that, they
means they're getting worried that they won't like the truth.
-- Granny Weatherwax

In response to

Responses

Browse psycopg by date

  From Date Subject
Next Message A.M. 2011-03-28 15:00:51 Re: Stuff for 2.4.1
Previous Message Daniele Varrazzo 2011-03-27 19:36:47 Re: Stuff for 2.4.1