From: | "Massa, Harald Armin" <chef(at)ghum(dot)de> |
---|---|
To: | Arjen Nienhuis <a(dot)g(dot)nienhuis(at)gmail(dot)com> |
Cc: | pgsql-general(at)postgresql(dot)org |
Subject: | Re: varchar lengths |
Date: | 2010-09-21 13:15:22 |
Message-ID: | AANLkTimToFRc9SG0o9A8-i+f78Nu+kXYOPwHsa2SbRaP@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
Arjen,
> You do need to be wary of malicious users who put a first name of a
>few hundred megabytes.
yes, but if that "my first name is a video" hits the database, it is
allready to late, isn't it?
If it is open to the public, input should be sanitized WAY earlier;
and for an internal application: please compare "number of users
trying to insert a video for their first name" to "number of customers
being annoyed as their name is abbreviated"
Harald
--
GHUM GmbH
Harald Armin Massa
Spielberger Straße 49
70435 Stuttgart
0173/9409607
Amtsgericht Stuttgart, HRB 734971
-
persuadere.
et programmare
From | Date | Subject | |
---|---|---|---|
Next Message | Grzegorz Jaśkiewicz | 2010-09-21 13:17:47 | Re: Reclaiming space |
Previous Message | Arjen Nienhuis | 2010-09-21 12:40:30 | Re: varchar lengths |