| From: | Masahiko Sawada <sawada(dot)mshk(at)gmail(dot)com> |
|---|---|
| To: | Andres Freund <andres(at)anarazel(dot)de> |
| Cc: | Michael Paquier <michael(at)paquier(dot)xyz>, Fujii Masao <masao(dot)fujii(at)gmail(dot)com>, Euler Taveira <euler(at)timbira(dot)com(dot)br>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: vacuumdb and new VACUUM options |
| Date: | 2019-05-15 06:44:22 |
| Message-ID: | CAD21AoA3kZ539bbSE1hWk_NsMC7QOB+sgzKmiBkE08W6DAN-Dw@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Wed, May 15, 2019 at 1:01 PM Masahiko Sawada <sawada(dot)mshk(at)gmail(dot)com> wrote:
>
> On Wed, May 15, 2019 at 11:45 AM Andres Freund <andres(at)anarazel(dot)de> wrote:
> >
> > Hi,
> >
> > On 2019-05-15 11:36:52 +0900, Masahiko Sawada wrote:
> > > I might be missing something but if the frontend code doesn't check
> > > arguments and we let the backend parsing logic do all the work then it
> > > allows user to execute an arbitrary SQL command via vacuumdb.
> >
> > But, so what? The user could just have used psql to do so?
>
> Indeed. It shouldn't be a problem and we even now can do that by
> specifying for example --table="t(c1);select 1" but doesn't work.
>
I've attached new version patch that takes the way to let the backend
parser do all work.
Regards,
--
Masahiko Sawada
NIPPON TELEGRAPH AND TELEPHONE CORPORATION
NTT Open Source Software Center
| Attachment | Content-Type | Size |
|---|---|---|
| v3-0001-Add-index-cleanup-option-to-vacuumdb.patch | application/octet-stream | 5.9 KB |
| v3-0002-Add-truncate-option-to-vacuumdb.patch | application/octet-stream | 5.6 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Goel, Dhruv | 2019-05-15 08:15:04 | Avoiding deadlock errors in CREATE INDEX CONCURRENTLY |
| Previous Message | David Fetter | 2019-05-15 06:02:14 | Re: New EXPLAIN option: ALL |