| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | "Daniel Verite" <daniel(at)manitou-mail(dot)org> |
| Cc: | "Surafel Temesgen" <surafel3000(at)gmail(dot)com>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Disallowing multiple queries per PQexec() |
| Date: | 2017-06-12 14:32:57 |
| Message-ID: | 10836.1497277977@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
"Daniel Verite" <daniel(at)manitou-mail(dot)org> writes:
> PGC_POSTMASTER implies that it's an instance-wide setting.
> Is is intentional? I can understand that it's more secure for this not to
> be changeable in an existing session, but it's also much less usable if you
> can't set it per-database and per-user.
> Maybe it should be PGC_SUSET ?
Bearing in mind that I'm not really for this at all... why shouldn't
it be plain old USERSET? AFAICS, the only argument for this restriction
is to make SQL injection harder. But if an attacker is able to inject
a SET command, he's already found a way around it. So there's no real
point in locking down the GUC to prevent that.
Also, generally speaking, GUCs should be phrased positively, ie this
should be named something more like "allow_multiple_queries" (with
opposite sense & default of course).
> + if ((strcmp(commandTagHead, "BEGIN") != 0) ||
> (strcmp(commandTagTail, "COMMIT") != 0) )
> + ereport(ERROR,
> + (errcode(ERRCODE_SYNTAX_ERROR),
> errmsg("cannot execute multiple commands unless it is a transaction
> block")));
I haven't read the patch, but surely looking at command tags is not
an appropriate implementation of anything in this line.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Joe Conway | 2017-06-12 14:40:09 | Re: PG10 Partitioned tables and relation_is_updatable() |
| Previous Message | Daniel Verite | 2017-06-12 14:22:43 | Re: Disallowing multiple queries per PQexec() |