| From: | "Joshua D(dot) Drake" <jd(at)commandprompt(dot)com> |
|---|---|
| To: | oleg yusim <olegyusim(at)gmail(dot)com> |
| Cc: | PostgreSQL General <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Failing to known state |
| Date: | 2016-01-05 23:33:16 |
| Message-ID: | 568C52BC.7030703@commandprompt.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On 01/05/2016 03:21 PM, oleg yusim wrote:
> Thanks JD.
>
> From what I read about WAL (you have been referring to this:
> http://www.postgresql.org/docs/current/static/wal-internals.html
> pg_xlog, right?) it allows us to know what happened, but does it
> warranty known secure state? I mean, I do not think it would help with this:
>
> "In general, security mechanisms should be designed so that a failure
> will follow the same execution path as disallowing the operation. For
> example, application security methods, such as isAuthorized(),
> isAuthenticated(), and validate(), should all return false if there is
> an exception during processing. If security controls can throw
> exceptions, they must be very clear about exactly what that condition
> means. "
You are correct, that isn't the pg_xlog but yes, PostgreSQL will throw
an exception in those types of cases.
Sincerely,
JD
--
Command Prompt, Inc. - http://www.commandprompt.com/ 503-667-4564
PostgreSQL Centered full stack support, consulting and development.
Announcing "I'm offended" is basically telling the world you can't
control your own emotions, so everyone else should do it for you.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Adrian Klaver | 2016-01-05 23:34:28 | Re: Failing to known state |
| Previous Message | oleg yusim | 2016-01-05 23:21:40 | Re: Failing to known state |