Re: [HACKERS] proposal: schema variables
Fabien COELHO <coelho@cri.ensmp.fr>
Commits
GET /api/v1/messages/:b64id/commits
the thread's linked commits as JSON, with link sources.
API reference →
-
Move WAL sequence code into its own file
- a87987cafca6 19 (unreleased) cited
-
Add ExplainState argument to pg_plan_query() and planner().
- c83ac02ec730 19 (unreleased) cited
-
Don't include access/htup_details.h in executor/tuptable.h
- 1a8b5b11e48a 19 (unreleased) cited
-
Refactor to avoid code duplication in transformPLAssignStmt.
- b0fb2c6aa5a4 19 (unreleased) cited
-
Avoid including commands/dbcommands.h in so many places
- 325fc0ab14d1 19 (unreleased) cited
-
Restrict psql meta-commands in plain-text dumps.
- 71ea0d679543 19 (unreleased) cited
-
Split func.sgml into more manageable pieces
- 4e23c9ef65ac 19 (unreleased) cited
-
Fix squashing algorithm for query texts
- 0f65f3eec478 18.0 cited
-
EXPLAIN: Always use two fractional digits for row counts.
- 95dbd827f2ed 18.0 cited
-
Preliminary refactoring of plpgsql expression construction.
- a654af21ae52 18.0 cited
-
plpgsql: pure parser and reentrant scanner
- 7b27f5fd36cb 18.0 cited
-
Add some sanity checks in executor for query ID reporting
- 24f520594809 18.0 cited
-
Fix misleading error message context
- 4af123ad45bd 18.0 cited
-
Add macros for looping through a List without a ListCell.
- 14dd0f27d7cd 17.0 cited
Hello Pavel, >> AFAICR, I had an objection on such new objects when you first proposed >> something similar in October 2016. >> >> Namely, if session variables are not transactional, they cannot be used to >> implement security related auditing features which were advertised as the >> motivating use case: an the audit check may fail on a commit because of a >> differed constraint, but the variable would keep its "okay" value unduly, >> which would create a latent security issue, the audit check having failed >> but the variable saying the opposite. >> >> So my point was that they should be transactional by default, although I >> would be ok with an option for having a voluntary non transactional >> version. >> >> Is this issue addressed somehow with this ? > > > 1. I respect your opinion, but I dont agree with it. Oracle, db2 has > similar or very similar feature non transactional, and I didnt find any > requests to change it. The argument of authority that "X does it like that" is not a valid answer to my technical objection about security implications of this feature. > 2. the prototype implementation was based on relclass items, and some > transactional behave was possible. Peter E. had objections to this design > and proposed own catalog table. I did it. Now, the transactional behave is > harder to implement, although it is not impossible. This patch is not small > now, so I didnt implement it. "It is harder to implement" does not look like a valid answer either. > I have a strong opinion so default behave have to be non transactional. The fact that you have a "strong opinion" does not really answer my objection. Moreover, I said that I would be ok with a non transactional option, provided that a default transactional is available. > Transactional variables significantly increases complexity of this patch, > now is simple, because we can reset variable on drop variable command. > Maybe I miss some simply implementation, but I spent on it more than few > days. Still, any cooperation are welcome. "It is simpler to implement this way" is not an answer either, especially as you said that it could have been on point 2. As I do not see any clear answer to my objection about security implications, I understand that it is not addressed by this patch. At the bare minimum, if this feature ever made it as is, I think that a clear caveat must be included in the documentation about not using it for any security-related purpose. Also, I'm not really sure how useful such a non-transactional object can be for other purposes: the user should take into account that the transaction may fail and the value of the session variable be inconsistent as a result. Sometimes it may not matter, but if it matters there is no easy way around the fact. -- Fabien.