Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtp (Exim 4.84_2) (envelope-from ) id 1eAHY5-0004iB-BN for pgsql-hackers@arkaria.postgresql.org; Thu, 02 Nov 2017 15:36:53 +0000 Received: from localhost ([127.0.0.1] helo=postgresql.org) by malur.postgresql.org with smtp (Exim 4.84_2) (envelope-from ) id 1eAHY4-0001KI-ST for pgsql-hackers@arkaria.postgresql.org; Thu, 02 Nov 2017 15:36:52 +0000 Received: from makus.postgresql.org ([2001:4800:1501:1::229]) by malur.postgresql.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA384:256) (Exim 4.84_2) (envelope-from ) id 1eAHWV-0006sP-Nq for pgsql-hackers@postgresql.org; Thu, 02 Nov 2017 15:35:16 +0000 Received: from sub4.mail.dreamhost.com ([69.163.253.135] helo=homiemail-a55.g.dreamhost.com) by makus.postgresql.org with esmtps (TLS1.1:ECDHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.84_2) (envelope-from ) id 1eAHWT-00026J-2c for pgsql-hackers@postgresql.org; Thu, 02 Nov 2017 15:35:14 +0000 Received: from homiemail-a55.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a55.g.dreamhost.com (Postfix) with ESMTP id 4025968003C1C; Thu, 2 Nov 2017 08:35:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=cryptonector.com; h=date :from:to:cc:subject:message-id:references:mime-version :content-type:in-reply-to; s=cryptonector.com; bh=lKfG4qo4dxCeJJ /KpfxGGu7edRA=; b=jCa0gZk/85YEAldzHsPhI4dxyc/6dLOJ95CR0tZUzHWigS pKZOsgQHIhkQ5NRECLXk89Wxbaq8sVm2DZQWQI1mAInDvxm+5hXWvwVJCof8Jc/b QZLwEo3TXL2ZqehonTnO7VHcixlhLpiRg40nMQYAbpnoVqyC082N3UNLnD9s0= Received: from localhost (cpe-70-123-158-140.austin.res.rr.com [70.123.158.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: nico@cryptonector.com) by homiemail-a55.g.dreamhost.com (Postfix) with ESMTPSA id DBCB668003C1B; Thu, 2 Nov 2017 08:35:10 -0700 (PDT) Date: Thu, 2 Nov 2017 10:35:07 -0500 From: Nico Williams To: Robert Haas Cc: Pavel Stehule , PostgreSQL Hackers Subject: Re: proposal: schema variables Message-ID: <20171102153505.GP4496@localhost> References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.24 (2015-08-30) List-Archive: List-Help: List-ID: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: X-Mailing-List: pgsql-hackers Precedence: bulk Sender: pgsql-hackers-owner@postgresql.org On Thu, Nov 02, 2017 at 06:05:54PM +0530, Robert Haas wrote: > On Thu, Oct 26, 2017 at 12:51 PM, Pavel Stehule wrote: > > The variables can be modified by SQL command SET (this is taken from > > standard, and it natural) > > > > SET varname = expression; > > Overloading SET to handle both variables and GUCs seems likely to > create problems, possibly including security problems. For example, > maybe a security-definer function could leave behind variables to > trick the calling code into failing to set GUCs that it intended to > set. Or maybe creating a variable at the wrong time will just break > things randomly. That's already true of GUCs, since there are no access controls on set_config()/current_setting(). Presumably "schema variables" would really just be GUC-like and not at all like lexically scoped variables. And also subject to access controls, thus an overall improvement on set_config()/current_setting(). With access controls, GUCs could become schema variables, and settings from postgresql.conf could move into the database itself (which I think would be nice). Nico -- -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers