Re: Security lessons from liblzma - libsystemd

From: Peter Eisentraut <peter(at)eisentraut(dot)org>
To: Magnus Hagander <magnus(at)hagander(dot)net>, Andres Freund <andres(at)anarazel(dot)de>
Cc: Bruce Momjian <bruce(at)momjian(dot)us>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Security lessons from liblzma - libsystemd
Date: 2024-04-03 23:10:20
Message-ID: 7af9c295-1ea8-45ba-ad71-93ac2fae2e89@eisentraut.org
Lists: pgsql-hackers

On 03.04.24 23:19, Magnus Hagander wrote:
> When the code is this simple, we should definitely consider carrying it
> ourselves. At least if we don't expect to need *other* functionality
> from the same library in the future, which I doubt we will from libsystemd.

Well, I've long had it on my list to do some integration to log directly
to the journal, so you can preserve metadata better. I'm not sure right
now whether this would use libsystemd, but it's not like there is
absolutely no other systemd-related functionality that could be added.

Personally, I think this proposed change is trying to close a barn door
after a horse has bolted. There are many more interesting and scary
libraries in the dependency tree of "postgres", so just picking off one
right now doesn't really accomplish anything. The next release of
libsystemd will drop all the compression libraries as hard dependencies,
so the issue in that sense is gone anyway. Also, fun fact: liblzma is
also a dependency via libxml2.
