| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Peter Eisentraut <peter_e(at)gmx(dot)net> |
| Cc: | Joe Conway <joe(at)conway-family(dot)com>, PostgreSQL Development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Re: [PATCHES] Fw: Isn't pg_statistic a security hole - Solution Proposal |
| Date: | 2001-06-08 04:06:05 |
| Message-ID: | 8865.991973165@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers pgsql-patches |
Peter Eisentraut <peter_e(at)gmx(dot)net> writes:
> Since these functions will primarily be used in building a sort of
> information schema and for querying system catalogs, we should use the
> approach that is or will be used there: character type values contain the
> table name already case-adjusted.
Weren't you just arguing that such cases could/should use the OID, not
the name at all? ISTM the name-based variants will primarily be used
for user-entered names, and in that case the user can reasonably expect
that a name will be interpreted the same way as if he'd written it out
in a query.
The nextval approach is ugly, I'll grant you, but it's also functional.
We got complaints about nextval before we put that in; we get lots
fewer now.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Mark Pritchard | 2001-06-08 04:35:31 | PostgreSQL and replication |
| Previous Message | James Buchanan | 2001-06-08 01:28:27 | Re: place for newbie postgresql hackers to work |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Eisentraut | 2001-06-08 16:09:50 | Re: Re: [PATCHES] Fw: Isn't pg_statistic a security hole - Solution Proposal |
| Previous Message | Peter Eisentraut | 2001-06-07 14:16:33 | Re: Re: [PATCHES] Fw: Isn't pg_statistic a security hole - Solution Proposal |