| From: | "Massa, Harald Armin" <chef(at)ghum(dot)de> |
|---|---|
| To: | Arjen Nienhuis <a(dot)g(dot)nienhuis(at)gmail(dot)com> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: varchar lengths |
| Date: | 2010-09-21 13:15:22 |
| Message-ID: | AANLkTimToFRc9SG0o9A8-i+f78Nu+kXYOPwHsa2SbRaP@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Arjen,
> You do need to be wary of malicious users who put a first name of a
>few hundred megabytes.
yes, but if that "my first name is a video" hits the database, it is
allready to late, isn't it?
If it is open to the public, input should be sanitized WAY earlier;
and for an internal application: please compare "number of users
trying to insert a video for their first name" to "number of customers
being annoyed as their name is abbreviated"
Harald
--
GHUM GmbH
Harald Armin Massa
Spielberger Straße 49
70435 Stuttgart
0173/9409607
Amtsgericht Stuttgart, HRB 734971
-
persuadere.
et programmare
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Grzegorz Jaśkiewicz | 2010-09-21 13:17:47 | Re: Reclaiming space |
| Previous Message | Arjen Nienhuis | 2010-09-21 12:40:30 | Re: varchar lengths |