| From: | Jeff Davis <pgsql(at)j-davis(dot)com> |
|---|---|
| To: | Amit Kapila <amit(dot)kapila16(at)gmail(dot)com> |
| Cc: | pgsql-bugs(at)postgresql(dot)org, Robert Haas <robertmhaas(at)gmail(dot)com> |
| Subject: | Re: [16+] subscription can end up in inconsistent state |
| Date: | 2023-09-12 20:33:57 |
| Message-ID: | 163428cd3f4bb3894ae86ed3278f320442ec41e1.camel@j-davis.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
On Tue, 2023-09-12 at 16:13 +0530, Amit Kapila wrote:
> Do we want to remove
> that as anyway, we will do that check via walrcv_connect()?
I think we should keep the DDL-time checks in place as a best-effort,
but not rely on them for security.
> Another point is that if we want to unify such a check at the time of
> walrcv_connect() then do we need to do it at the time of Alter
> Subscription? I think it will probably be better to catch the problem
> early
Agreed. Catching mistakes at DDL time is a better user experience.
> but does removing it from Alter Subscription time and doing it
> at connect time lead to security hazards?
We'd still be doing the same check, just later, right? If so there's
not a big security risk in removing the DDL-time checks. But it's
probably not a good idea to have non-superuser-owned subscriptions
without a password specified, so there may be some hazard there.
>
Regards,
Jeff Davis
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Ринат Мухтаров | 2023-09-12 21:25:57 | PostgreSQL 12.15 query performance problem |
| Previous Message | Aleksandr Vinokurov | 2023-09-12 19:03:20 | Re: "as name" is shadowed by name "value" when selecting with "left join jsonb_array_elements(d.items) as item on true" |