Re: Tightening up allowed custom GUC names

Robert Haas <robertmhaas@gmail.com>

From: Robert Haas <robertmhaas@gmail.com>
To: Noah Misch <noah@leadboat.com>
Cc: Tom Lane <tgl@sss.pgh.pa.us>, PostgreSQL Hackers <pgsql-hackers@lists.postgresql.org>
Date: 2021-02-11T19:50:13Z
Lists: pgsql-hackers
On Tue, Feb 9, 2021 at 6:02 PM Noah Misch <noah@leadboat.com> wrote:
> > * A case could be made for tightening things up a lot more, and not
> > allowing anything that doesn't look like an identifier.  I'm not
> > pushing for that, as it seems more likely to break existing
> > applications than the narrow restriction proposed here.  But I could
> > live with it if people prefer that way.
>
> I'd prefer that.  Characters like backslash, space, and double quote have
> significant potential to reveal bugs, while having negligible application
> beyond revealing bugs.

I'm not sure exactly what the rule should be here, but in general I
agree that a broader prohibition might be better. It's hard to
understand the rationale behind a system that doesn't allow
robert.max-workers as a GUC name, but does permit ro
b"ert.max^Hworkers.

+1 for not back-patching whatever we do here.

-- 
Robert Haas
EDB: http://www.enterprisedb.com



Commits

  1. Tighten up allowed names for custom GUC parameters.