| From: | Peter Geoghegan <peter(at)2ndquadrant(dot)com> |
|---|---|
| To: | Kohei KaiGai <kaigai(at)kaigai(dot)gr(dot)jp> |
| Cc: | Robert Haas <robertmhaas(at)gmail(dot)com>, Noah Misch <noah(at)leadboat(dot)com>, Kevin Grittner <Kevin(dot)Grittner(at)wicourts(dot)gov>, Kohei(dot)Kaigai(at)emea(dot)nec(dot)com, thom(at)linux(dot)com, pgsql-hackers(at)postgresql(dot)org, tgl(at)sss(dot)pgh(dot)pa(dot)us |
| Subject: | Re: [v9.2] Fix Leaky View Problem |
| Date: | 2011-10-11 00:19:32 |
| Message-ID: | CAEYLb_VhYLZ0c+5GqZkWYZEa10Zzarq-CNcyYguzxoBbT1gPrw@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 10 October 2011 21:28, Kohei KaiGai <kaigai(at)kaigai(dot)gr(dot)jp> wrote:
> 2011/10/10 Robert Haas <robertmhaas(at)gmail(dot)com>:
>> It seems really ugly to me to suppose that we need to add a depth
>> field to every single one of these node types. If you've missed one,
>> then we have a security hole. If someone else adds another node type
>> later that requires this field and doesn't add it, we have a security
>> hole. And since all of these depth fields are going to make their way
>> into stored rules, those security holes will require an initdb to fix.
>>
> Indeed, I have to admit this disadvantage from the perspective of code
> maintenance, because it had also been a tough work for me to track
> the depth field in this patch.
Would you consider putting the depth field directly into a generic
superclass node, such as the "Expr" node? Perhaps that approach would
be neater.
--
Peter Geoghegan http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Training and Services
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Josh Berkus | 2011-10-11 00:52:53 | Dumping roles improvements? |
| Previous Message | Noah Misch | 2011-10-11 00:04:43 | Re: [v9.2] Fix Leaky View Problem |