Skip site navigation (1) Skip section navigation (2)

Re: function body actors (was: [PERFORM] viewing source code)

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Andrew Sullivan <ajs(at)crankycanuck(dot)ca>
Cc: pgsql-hackers(at)postgresql(dot)org
Subject: Re: function body actors (was: [PERFORM] viewing source code)
Date: 2007-12-21 16:47:43
Message-ID: 6533.1198255663@sss.pgh.pa.us (view raw or flat)
Thread:
Lists: pgsql-hackerspgsql-performance
Andrew Sullivan <ajs(at)crankycanuck(dot)ca> writes:
> On Fri, Dec 21, 2007 at 12:09:28AM -0500, Merlin Moncure wrote:
>> Maybe a key management solution isn't required.

> I like this idea much better, because the same basic mechanism can be used
> for more than one thing, and it doesn't build in a system that is
> fundamentally weak.  Of course, you _can_ build a weak system this way, but
> there's an important difference between building a fundamentally weak system
> and making weak systems possible.

I find myself unconvinced by this argument.  The main problem is: how
do we know that it's possible to build a strong system atop this
mechanism?  Just leaving it to non-security-savvy users seems to me
to be a great way to guarantee a lot of weak systems in the field.
ISTM our minimum responsibility would be to design and document how
to build a strong protection system using the feature ... and at that
point why not build it in?

I've certainly got no objection to making a mechanism that can be used
for more than one purpose; but not offering a complete security solution
is abdicating our responsibility.

			regards, tom lane

In response to

pgsql-performance by date

Next:From: Andrew SullivanDate: 2007-12-21 16:48:26
Subject: Re: function body actors (was: viewing source code)
Previous:From: Andrew SullivanDate: 2007-12-21 16:24:41
Subject: Re: [HACKERS] function body actors (was: viewing source code)

pgsql-hackers by date

Next:From: Andrew SullivanDate: 2007-12-21 16:48:26
Subject: Re: function body actors (was: viewing source code)
Previous:From: Andrew SullivanDate: 2007-12-21 16:24:41
Subject: Re: [HACKERS] function body actors (was: viewing source code)

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group