Re: missing toast table for pg_policy

From: Michael Paquier <michael(at)paquier(dot)xyz>
To: Andres Freund <andres(at)anarazel(dot)de>
Cc: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Joe Conway <mail(at)joeconway(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: missing toast table for pg_policy
Date: 2018-02-18 00:53:27
Message-ID: 20180218005327.GA2773@paquier.xyz
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

On Sat, Feb 17, 2018 at 03:52:33PM -0800, Andres Freund wrote:
> I've a hard hard hard time believing this is something useful to do. I
> mean by that argument you can just cause trouble everywhere by just
> storing arbitrarily large stuff via sql.

Did you read my last email until the end? Particularly this quote:

> Longer salts make it for harder to reproduce connection proofs, so some
> users may want to privilege that than the number of iterations, and
> those are perfectly valid per the SCRAM exchange protocol.

The argument here is not about storing large blobs, it is about the
flexibility that the SCRAM protocol allows that PostgreSQL does not
because of this restriction in row size. Postgres should have in the
future a set of GUC parameters to allow users to control the interation
number and the salt length when generating the SCRAM verifier depending
on their security requirements. And I see no point in restraining
things on the backend as we do now.
--
Michael

In response to

Browse pgsql-hackers by date

  From Date Subject
Next Message David Rowley 2018-02-18 02:25:47 Re: [HACKERS] path toward faster partition pruning
Previous Message Andres Freund 2018-02-17 23:52:33 Re: missing toast table for pg_policy