Re: proposal: session server side variables

From: Fabien COELHO <coelho(at)cri(dot)ensmp(dot)fr>
To: PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: proposal: session server side variables
Date: 2016-12-29 10:44:46
Message-ID: alpine.DEB.2.20.1612291143470.4911@lancre
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers


[Oops, resent, wrong from address, please accept my apologies]

Hello Pavel,

> There are two concepts - both can be implemented, and used (can be used
> together).

That is one point I would like to ascertain clearly and explicitely, so having
various designs side by side, eg in the wiki page, would help if and where they
interact.

The second point I am keen on discussing is how the proposed designs provide a
solution to different use cases, and at what cost.

I've added sections about use cases (I have listed 3) and how they could be
supported in the wiki page.

> Both these concepts has some advantage and some disadvantages. It is hard to
> expect, so there is possible full agreement - because everybody has different
> preferences.

Sure.

> I understand so for you can be your proposal more readable, but for me,
> your design of usage and security looks not well.

Yep, there are pros and cons to all proposals. I wish they are listed
somewhere, and possibly discussed, because some pros/cons depends on some
detailed features.

> It is acceptable without PRIVATE flags and similar flags. It is not designed
> be secure.

Indeed. I've taken this point somehow into account and changed my proposal so
that session variables are private by default, and now I'm not even sure that
there should exist public session variables at all...

> (MySQL has nothing similar, I don't know if MSSQL has some, but probably
> not). Ok. We have different priorities. For you is not usual so in one
> session there can be more more times switch of secure context. It is usual
> for me, and for applications what I write.

I have added a section in the wiki to present succintely existing stuff in
other products.

>> Could you put your ideal (final) design proposition on the wiki page?
> yes, I'll do it.

Good!

--
Fabien.

Browse pgsql-hackers by date

  From Date Subject
Next Message Pavel Stehule 2016-12-29 11:07:56 Re: proposal: session server side variables
Previous Message Fabien COELHO 2016-12-29 10:42:45 Re: proposal: session server side variables