Re: Proof of concept: standalone backend with full FE/BE protocol
Magnus Hagander <magnus@hagander.net>
From: Magnus Hagander <magnus@hagander.net>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: Amit Kapila <amit.kapila@huawei.com>, pgsql-hackers@postgresql.org
Date: 2012-09-03T18:55:52Z
Lists: pgsql-hackers
On Mon, Sep 3, 2012 at 8:51 PM, Tom Lane <tgl@sss.pgh.pa.us> wrote: > Magnus Hagander <magnus@hagander.net> writes: >> On Mon, Sep 3, 2012 at 7:07 PM, Tom Lane <tgl@sss.pgh.pa.us> wrote: >>> Hmm, after looking at src/port/kill.c it doesn't seem like there's much >>> of a problem with doing that. I had had the idea that our kill >>> emulation only worked within the backend environment, but of course >>> pg_ctl wouldn't work if that were so. So this is easier than I thought. > >> Yeah, kill works fine from non-backend as long as the *receiver* has >> our backend environment. > > I have another question after thinking about that for awhile: is there > any security concern there? On Unix-oid systems, we expect the kernel > to restrict who can do a kill() on a postgres process. If there's any > similar restriction on who can send to that named pipe in the Windows > version, it's not obvious from the code. Do we have/need any > restriction there? We use the default for CreateNamedPipe() which is: " The ACLs in the default security descriptor for a named pipe grant full control to the LocalSystem account, administrators, and the creator owner. They also grant read access to members of the Everyone group and the anonymous account." (ref: http://msdn.microsoft.com/en-us/library/windows/desktop/aa365150(v=vs.85).aspx) Given that we only respond to writes (we don't "publish information" over it), I think that's a reasonable default to use. -- Magnus Hagander Me: http://www.hagander.net/ Work: http://www.redpill-linpro.com/
Commits
Same data as JSON:
GET /api/v1/messages/:b64id/commits
the thread's linked commits as JSON, with link sources.
API reference →
-
Remove now redundant pgpipe code.
- d2c1740dc275 9.2.0 cited