Re: proposal: session server side variables

From: Robert Haas <robertmhaas(at)gmail(dot)com>
To: Fabien COELHO <coelho(at)cri(dot)ensmp(dot)fr>
Cc: Pavel Stehule <pavel(dot)stehule(at)gmail(dot)com>, Craig Ringer <craig(at)2ndquadrant(dot)com>, Fabrízio de Royes Mello <fabriziomello(at)gmail(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org>, Joe Conway <mail(at)joeconway(dot)com>
Subject: Re: proposal: session server side variables
Date: 2017-01-10 13:24:24
Message-ID: CA+TgmoZD17B66vWiTnoDDCC23Cwtd=MVWRpKHG1mmxOrR5S+tg@mail.gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

On Tue, Jan 10, 2017 at 1:31 AM, Fabien COELHO <coelho(at)cri(dot)ensmp(dot)fr> wrote:
> I have submitted a proof of this fact in the form of a counter example which
> (1) (pseudo) implements the use-case by logging into an audit table the fact
> a user accesses the secure level (2) shows that the status of a non
> transactional session variable used for keeping this status is wrong for the
> use case in some cases (it says that all is well while appending to the
> audit table failed).
>
> I feel entitled to point out to other people that their belief that a
> feature as described provides a correct solution to a particular use case is
> wrong, if it is factually the case. If they persist in this belief despite
> the submitted proof, I can only be sad about it, because if pg provides a
> feature for a security-relared use case which does not work correctly it is
> just shooting one's foot.

You're just ignoring explanations from other people - Craig in
particular - about why it DOES satisfy their use case. And the reason
his argument is valid is because he is questioning your premise. You
are proving "if A, then B" and he's saying, "yes, but not A". That's
not a logical fallacy on his part. That's you proving something that
is in his view irrelevant to the desirability of the feature.

> I do not like Pavel's feature, this is a subjective opinion. This feature
> does not provide a correct solution for the use case, this is an objective
> fact. The presented feature does not have a real use case, this is too bad.

If the presented feature had no use case, I don't think there would be
3 or 4 people arguing for it. Those people aren't stupid.

> Finally, I did not "veto" this feature, I reviewed it in depth and concluded
> negatively.

Sure, that's pretty fair. Are you also willing to accept other
people's differing conclusions?

> You are a committer and I'm just a "silly academic", you do not
> have to listen to anything I say and can take majority votes against proofs
> if you want.

I believe that the words "silly" and "academic" were used about
certain proposals that you made, and you have here pulled them out of
the context in which they were written and recast them as general
judgements on you rather than statements about certain ideas which you
proposed or certain arguments which you made. I think most people on
this mailing list, including me, are very careful to avoid "ad
hominum" arguments, and I believe that is also the case in the
arguments made to you. Everybody's ideas on this mailing list,
including mine, come in for criticism from time to time. That doesn't
necessarily imply personal disrespect.

--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Peter Eisentraut 2017-01-10 13:26:11 Re: merging some features from plpgsql2 project
Previous Message Ashutosh Bapat 2017-01-10 12:15:22 Re: postgres_fdw bug in 9.6