| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Jim Nasby <Jim(dot)Nasby(at)BlueTreble(dot)com> |
| Cc: | Robert Haas <robertmhaas(at)gmail(dot)com>, David Steele <david(at)pgmasters(dot)net>, Alvaro Herrera <alvherre(at)2ndquadrant(dot)com>, "Joshua D(dot) Drake" <jd(at)commandprompt(dot)com>, Pg Hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: PostgreSQL Audit Extension |
| Date: | 2016-02-03 21:16:17 |
| Message-ID: | 24035.1454534177@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Jim Nasby <Jim(dot)Nasby(at)BlueTreble(dot)com> writes:
> As for PGXN being an untrusted source, that's something that it's in the
> project's best interest to try and address somehow, perhaps by having
> formally audited extensions. Amazon already has to do this to some
> degree before an extension can be allowed in RDS, and so does Heroku, so
> maybe that would be a starting point.
> I think a big reason Postgres got to where it is today is because of
> it's superior extensibility, and I think continuing to encourage that
> with formal support for things like PGXN is important.
Yeah. Auditing strikes me as a fine example of something for which there
is no *technical* reason to need to put it in core. It might need some
more hooks than we have now, but that's no big deal. In the long run,
we'll be a lot better off if we can address the non-technical factors
that make people want to push such things into the core distribution.
Exactly how we get there, I don't pretend to know.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2016-02-03 21:25:03 | Re: Idle In Transaction Session Timeout, revived |
| Previous Message | Robert Haas | 2016-02-03 21:12:44 | Re: postgres_fdw join pushdown (was Re: Custom/Foreign-Join-APIs) |