From: | "Kev" <kevinjamesfield(at)gmail(dot)com> |
---|---|
To: | pgsql-general(at)postgresql(dot)org |
Subject: | cutting out the middleperl |
Date: | 2007-03-22 21:58:15 |
Message-ID: | 1174600695.468027.70320@y80g2000hsf.googlegroups.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
Hi everyone,
I'm still in the design phase of a project. I was just wondering if
anyone has any thoughts or experience on the idea of cutting the P out
of the LAMP (or in my case, WAMP for now) stack. What I mean is
having
everything encapsulated into sql (or plpgsql or plperl where needed)
functions stored in the pgsql server, and have Apache communicate with
pgsql via a tiny C program that pretty much just checks whether the
incoming function is on the allowed list and has the proper data
types,
then passes it straight in. Any errors are logged as potential
security
breaches.
I'm really new to mod_perl too, so another question would be if this
would be much faster than a simple perl script that did the same
thing.
I ask this because I realize I need to carefully check data coming
into
pgsql functions as well as at the client end. Why maintain a bunch of
scripts with names similar to the functions they're calling and all
performing similar checks anyway?
I was kinda salivating at the thought of how fast things would be if
you
cut out the A as well, by using a Flash applet to give socket access
to
JavaScript. But then I guess you have to make your pgsql server
itself
publicly accessible on some port. Is that just asking for trouble?
I appreciate any comments or thoughts anyone might have on this.
Thanks,
Kev
From | Date | Subject | |
---|---|---|---|
Next Message | Kev | 2007-03-22 22:00:15 | database-wide triggers |
Previous Message | Ron Johnson | 2007-03-22 21:22:42 | Re: making postgres DB stable, efficient and secure |