Re: [HACKERS] proposal: schema variables

public inbox for pgsql-performance@postgresql.org  
help / color / mirror / Atom feed

From: Fabien COELHO <coelho@cri.ensmp.fr>
To: Pavel Stehule <pavel.stehule@gmail.com>
Cc: Gilles Darold <gilles.darold@dalibo.com>
Cc: PostgreSQL Hackers <pgsql-hackers@lists.postgresql.org>
Subject: Re: [HACKERS] proposal: schema variables
Date: Tue, 21 Aug 2018 19:55:57 +0200 (CEST)
Message-ID: <alpine.DEB.2.21.1808211938510.11873@lancre> (raw)
In-Reply-To: <CAFj8pRA_jZYuTRHEMsv8CnZLBqmnS5xRjcZh-uf0nBWA7WrzMA@mail.gmail.com>
References: <CAFj8pRDY+m9OOxfO10R7J0PAkCCauM-TweaTrdsrsLGMb1VbEQ@mail.gmail.com>
	<623395617.20171113141500@gf.microolap.com>
	<CAFj8pRDdS7ViLBJ6eA93u=C_x15EBv2deiNQDGkBS=LNrjzLLw@mail.gmail.com>
	<CAFj8pRBfb-GTZSHSRVTpMzGr26-7e-_RmOmRpmuk+xuDTgC=mA@mail.gmail.com>
	<28924bcc-9242-9798-e4e8-9d83cea3fef6@dalibo.com>
	<CAFj8pRBRxJ09ibuZT+KK3E+vc3-sXAz7HrbW3oVie7FwQRU-uQ@mail.gmail.com>
	<ae98027e-25a7-b229-ffec-b05d68162718@dalibo.com>
	<CAFj8pRATM44F1ugXxTn6aofxOa=3DZbqOJ17=EVyG+CEzsRQvw@mail.gmail.com>
	<CAFj8pRDnoA3J2RM=WZJdYBXEiJUOfDv-gyJmp81Pq93jmrBb5g@mail.gmail.com>
	<CAFj8pRCTz_CRez3vFo_Ta_m=KtOxBGHE9+T1QG3UgRbuURfzjA@mail.gmail.com>
	<CAFj8pRA_jZYuTRHEMsv8CnZLBqmnS5xRjcZh-uf0nBWA7WrzMA@mail.gmail.com>

Hello Pavel,

AFAICR, I had an objection on such new objects when you first proposed 
something similar in October 2016.

Namely, if session variables are not transactional, they cannot be used to 
implement security related auditing features which were advertised as the 
motivating use case: an the audit check may fail on a commit because of a 
differed constraint, but the variable would keep its "okay" value unduly, 
which would create a latent security issue, the audit check having failed 
but the variable saying the opposite.

So my point was that they should be transactional by default, although I 
would be ok with an option for having a voluntary non transactional 
version.

Is this issue addressed somehow with this version?

-- 
Fabien.

reply

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Reply to all the recipients using the --to and --cc options:
  reply via email

  To: pgsql-performance@postgresql.org
  Cc: coelho@cri.ensmp.fr, pavel.stehule@gmail.com, gilles.darold@dalibo.com, pgsql-hackers@lists.postgresql.org
  Subject: Re: [HACKERS] proposal: schema variables
  In-Reply-To: <alpine.DEB.2.21.1808211938510.11873@lancre>

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox