| From: | Joshua Drake <jd(at)commandprompt(dot)com> |
|---|---|
| To: | Stephen Frost <sfrost(at)snowman(dot)net> |
| Cc: | Fabien COELHO <coelho(at)cri(dot)ensmp(dot)fr>, Bruce Momjian <bruce(at)momjian(dot)us>, Alastair Turner <minion(at)decodable(dot)me>, Michael Paquier <michael(at)paquier(dot)xyz>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>, Masahiko Sawada <masahiko(dot)sawada(at)2ndquadrant(dot)com> |
| Subject: | Re: Proposed patch for key management |
| Date: | 2020-12-31 18:46:57 |
| Message-ID: | CAJvJg-SFXoTWHCweqkFj+N_wnvzqG7DrKGYEjM2t226BTbRNYw@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
>
>
> > >I will say that if the community feels external-only should be the only
> > >option, I will stop working on this feature because I feel the result
> > >would be too fragile to be reliable,
> >
> > I'm do not see why it would be the case. I'm just arguing to have key
> > management in a separate, possibly suid something-else, process, which
> given
> > the security concerns which dictates the feature looks like a must have,
> or
> > at least must be possible. From a line count point of view, it should be
> a
> > small addition to the current code.
>
> All of this hand-waving really isn't helping.
>
> If it's a small addition to the current code then it'd be fantastic if
> you'd propose a specific patch which adds what you're suggesting. I
> don't think either Bruce or I would have any issue with others helping
> out on this effort, but let's be clear- we need something that *is* part
> of core PG, even if we have an ability to have other parts exist outside
> of PG.
>
+1
JD
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Zhihong Yu | 2020-12-31 19:02:29 | Re: Deleting older versions in unique indexes to avoid page splits |
| Previous Message | Joshua Drake | 2020-12-31 18:41:01 | Re: Proposed patch for key management |