| From: | Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com> |
|---|---|
| To: | Joshua Brindle <joshua(dot)brindle(at)crunchydata(dot)com>, Andres Freund <andres(at)anarazel(dot)de> |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Joe Conway <mail(at)joeconway(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: RFC: seccomp-bpf support |
| Date: | 2019-08-28 20:07:56 |
| Message-ID: | b822d5ce-dde1-8126-8164-908bd410dc46@2ndquadrant.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 2019-08-28 21:38, Joshua Brindle wrote:
> I think we need to reign in the thread somewhat. The feature allows
> end users to define some sandboxing within PG. Nothing is being forced
> on anyone
Features come with a maintenance cost. If we ship it, then people are
going to try it out. Then weird things will happen. They will report
mysterious bugs. They will complain to their colleagues. It all comes
with a cost.
> but we would like the capability to harden a PG installation
> for many reasons already stated.
Most if not all of those reasons seem to have been questioned.
--
Peter Eisentraut http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Alvaro Herrera | 2019-08-28 20:49:14 | Re: RFC: seccomp-bpf support |
| Previous Message | Taylor Vesely | 2019-08-28 19:52:13 | Re: Memory-Bounded Hash Aggregation |