| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Andres Freund <andres(at)anarazel(dot)de> |
| Cc: | Stephen Frost <sfrost(at)snowman(dot)net>, pgsql-hackers(at)postgresql(dot)org, Robert Haas <robertmhaas(at)gmail(dot)com>, Harold Giménez <harold(dot)gimenez(at)gmail(dot)com> |
| Subject: | Re: pg_upgrade improvements |
| Date: | 2012-04-05 15:39:19 |
| Message-ID: | 3927.1333640359@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Andres Freund <andres(at)anarazel(dot)de> writes:
>> The point is to avoid the risk that someone else could connect to the
>> database at the same time you're doing work on it.
> I got that. I just fail to see what the advantage of using two pipes instead
> of one socket as every other plain connection would be?
Yeah, that would be a small pain in the neck, but it eliminates a huge
pile of practical difficulties, like your blithe assumption that you can
find a "private directory" somewhere (wrong) or disallow access to other
people (also wrong, if they are using the same account as you).
The short answer is that sockets and named pipes are *meant* to be
publicly accessible. Guaranteeing that they are not is a difficult
task full of possibilities for security holes.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Robert Haas | 2012-04-05 15:45:58 | Re: Patch: add timing of buffer I/O requests |
| Previous Message | Tom Lane | 2012-04-05 15:34:10 | Re: pg_upgrade improvements |