Re: Drawbacks of using BYTEA for PK?

scott.marlowe <scott.marlowe@ihs.com>

From: "scott.marlowe" <scott.marlowe@ihs.com>
To: "D. Dante Lorenso" <dante@lorenso.com>
Cc: David Garamond <lists@zara.6.isreserved.com>, Tom Lane <tgl@sss.pgh.pa.us>, <pgsql-general@postgresql.org>
Date: 2004-01-12T19:52:19Z
Lists: pgsql-general
On Mon, 12 Jan 2004, D. Dante Lorenso wrote:

> 
> > Tom Lane wrote:
> >
> >> Adding an MD5 hash contributes *absolutely zero*, except waste of space,
> >> to any attempt to make a GUID.  The hash will add no uniqueness that was
> >> not there before.
> >
> The cool thing about a 'GUID' (or in my example a hashed sequence number 
> [sure
> toss in some entropy if you want it]) is that if you happen to reference 
> that
> value as a primary key on a table, the URL that passes the argument can not
> be guessed at easily.  For example using a sequence:
> 
>     http://domain.com/application/load_record.html?customer_id=12345
> 
> Then, users of the web will assume that you have at most 12345 
> customers.  And
> they can try to look up information on other customers by doing:
> 
>     http://domain.com/application/load_record.html?customer_id=12346
>     http://domain.com/application/load_record.html?customer_id=12344
> 
> ...basically walking the sequence.  Sure, you will protect against this with
> access rights, BUT...seeing the sequence is a risk and not something you 
> want
> to happen.  NOW, if you use a GUID:

Security != obscurity.

While using GUIDs may make it harder to get hacked, it in no way actually 
increases security.  Real security comes from secure code, period.