| From: | Peter van Hardenberg <pvh(at)pvh(dot)ca> |
|---|---|
| To: | Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com> |
| Cc: | Vik Fearing <vik(at)2ndquadrant(dot)fr>, David Fetter <david(at)fetter(dot)org>, PostgreSQL Development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: PoC: Make it possible to disallow WHERE-less UPDATE and DELETE |
| Date: | 2016-07-27 15:11:23 |
| Message-ID: | CABTbUpg88-oCZkOaR7eff++rP15TF-5B7WOaykcAbzEL4T7EeQ@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Tue, Jul 26, 2016 at 6:15 PM, Peter Eisentraut <
peter(dot)eisentraut(at)2ndquadrant(dot)com> wrote:
> On 7/26/16 6:14 PM, Vik Fearing wrote:
> > As mentioned elsewhere in the thread, you can just do WHERE true to get
> > around it, so why on Earth have it PGC_SUSET?
>
> I'm not sure whether it's supposed to guard against typos and possibly
> buggy SQL string concatenation in application code. So it would help
> against accidental mistakes, whereas putting a WHERE TRUE in there would
> be an intentional override.
>
>
I know I'm late to the thread here, but I just wanted to add my small voice
in support
of this feature.
Over the years we've seen this happen at Heroku quite a bit (accidental
manual entry
without a where clause) and the only minor gripe I'd have is that contrib
modules are
very undiscoverable and users tend not to find out about them.
On the other hand, a session setting in core would probably not be that
different.
I expect Heroku will probably wind up enabling this by default on any
interactive
psql sessions.
(And I would encourage packagers and distributors to consider doing the
same.)
-p
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruce Momjian | 2016-07-27 16:04:08 | Re: Why we lost Uber as a user |
| Previous Message | Aleksander Alekseev | 2016-07-27 14:51:35 | Re: [Patch] RBTree iteration interface improvement |