Re: PG 12 draft release notes

Ian Barwick <ian.barwick@2ndquadrant.com>

From: Ian Barwick <ian.barwick@2ndquadrant.com>
To: Michael Paquier <michael@paquier.xyz>
Cc: Bruce Momjian <bruce@momjian.us>, PostgreSQL-development <pgsql-hackers@postgresql.org>
Date: 2019-05-22T07:50:14Z
Lists: pgsql-hackers

Commits

Same data as JSON: GET /api/v1/messages/:b64id/commits the thread's linked commits as JSON, with link sources. API reference →
  1. doc: PG 12 relnotes: update wording on truncate/vacuum item

  2. docs: PG 12 relnotes, update btree items

  3. doc: PG 12 relnotes, list added snowball/FTS languages

  4. doc: PG 12 relnotes, merge new SQL partition function items

  5. docs: PG 12 release notes, support functions

  6. docs: PG 12 relnote adjustments based on feedback from Tom Lane

  7. docs: adjust RECORD PG 12 relnote item

  8. doc: adjust PG 12 relnotes item on float digit adjustment

  9. doc: adjustments for PG 12 release notes

  10. docs: fix duplicate wording in PG 12 release notes

  11. doc: properly attibute PG 12 pgbench release note item

  12. doc: PG 12 release notes: normalize attribution names

  13. Refactor the fsync queue for wider use.

  14. Add "split after new tuple" nbtree optimization.

  15. Add nbtree high key "continuescan" optimization.

  16. Allow amcheck to re-find tuples using new search.

  17. Consider secondary factors during nbtree splits.

  18. Partial implementation of SQL/JSON path language

  19. Allow extensions to generate lossy index conditions.

  20. Make TupleTableSlots extensible, finish split of existing slot type.

  21. Reduce path length for locking leaf B-tree pages during insertion

On 5/22/19 4:26 PM, Michael Paquier wrote:
> On Wed, May 22, 2019 at 09:19:53AM +0900, Ian Barwick wrote:
>> the last two items are performance improvements not related to authentication;
>> presumably the VACUUM item would be better off in the "Utility Commands"
>> section and the TRUNCATE item in "General Performance"?
> 
> I agree with removing them from authentication, but these are not
> performance-related items.  Instead I think that "Utility commands" is
> a place where they can live better.
> 
> I am wondering if we should insist on the DOS attacks on a server, as
> non-authorized users are basically able to block any tables, and
> authorization is only a part of it, one of the worst parts
> actually...  Anyway, I think that "This prevents unauthorized locking
> delays." does not provide enough details.  What about reusing the
> first paragraph of the commits?  Here is an idea:
> "A caller of TRUNCATE/VACUUM/ANALYZE could previously queue for an
> access exclusive lock on a relation it may not have permission to
> truncate/vacuum/analyze, potentially interfering with users authorized
> to work on it.  This could prevent users from accessing some relations
> they have access to, in some cases preventing authentication if a
> critical catalog relation was blocked."

Ah, if that's the intent behind/use for those changes (I haven't looked at them
in any detail, was just scanning the release notes) then it certainly needs some
explanation along those lines.


Regards

Ian Barwick


-- 
  Ian Barwick                   https://www.2ndQuadrant.com/
  PostgreSQL Development, 24x7 Support, Training & Services