From: | Federico Di Gregorio <federico(dot)digregorio(at)dndg(dot)it> |
---|---|
To: | psycopg(at)postgresql(dot)org |
Subject: | Re: Stuff for 2.4.1 |
Date: | 2011-03-28 07:11:10 |
Message-ID: | 4D90348E.3080106@dndg.it |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | psycopg |
On 27/03/11 19:23, David Blewett wrote:
> On Sun, Mar 27, 2011 at 9:46 AM, Daniele Varrazzo
> <daniele(dot)varrazzo(at)gmail(dot)com> wrote:
>> > On Sun, Mar 27, 2011 at 12:51 PM, Harald Armin Massa
>> > <harald(at)2ndquadrant(dot)com> wrote:
>>> >> Are you really sure that psycopg2 should go the road of having own
>>> >> parsers in addition to libpq-s routines? As much as I am happy about
>>> >> the robustness when having other libpqs, and about the performance
>>> >> benefit, as much I fear to have some new areas for possible bugs -
>>> >> especially security-relevant things like SQL-injections.
>> >
>> > The will to stick as much as possible to the libpq functions has been
>> > the reason I had not written the above parser before (releasing
>> > 2.4.0). Unfortunately the bytea problem has proven trickier to handle
>> > for many psycopg users. I've changed my mind as I think psycopg has
>> > the responsibility to provide a set of feature in a robust way, and if
>> > the libpq is just not reliable for bytea parsing (for me the hex
>> > format should have been backported to the the client libraries of the
>> > previous versions) I think we have to provide a solution, not just to
>> > propagate the problem.
> I think I agree with Harald here. In my opinion, this shouldn't be
> done at the driver level. There never has been a guarantee from the
> database side that applications compiled against older libpq will be
> able to communicate with newer versions. Emulating this in the driver
> only propagates this mis-conception. What has been the problem in the
> past? Maybe the documentation should be improved so that people are
> sure to build against the appropriate version of libpq for the version
> of the server they intend to communicate with?
What Daniele did is fine:
1) There is no security problem, because the code only work in the
database->user direction.
2) Allows communication with different combinations of backend/libpq
versions without adding the overhead of extra quesries when
establishing the connection (i.e., it just works and this is
very important for the user).
Also, while I am writing very few new code I am reviewing everything and
I am confident to say that psycopg is much safe now than 2 years ago
when I was the only developer.
federico
--
Federico Di Gregorio federico(dot)digregorio(at)dndg(dot)it
Studio Associato Di Nunzio e Di Gregorio http://dndg.it
When people say things are a lot more complicated than that, they
means they're getting worried that they won't like the truth.
-- Granny Weatherwax
From | Date | Subject | |
---|---|---|---|
Next Message | A.M. | 2011-03-28 15:00:51 | Re: Stuff for 2.4.1 |
Previous Message | Daniele Varrazzo | 2011-03-27 19:36:47 | Re: Stuff for 2.4.1 |