Excerpts from Sam Mason's message of mar nov 09 08:06:12 -0300 2010:
> On Mon, Nov 08, 2010 at 12:55:22PM -0300, Alvaro Herrera wrote:
> > Excerpts from Charles Pritchard's message of sáb nov 06 23:20:13 -0300 2010:
> >
> > > Simple async sql sub-set (the spec in trouble):
> > > http://dev.w3.org/html5/webdatabase/
> >
> > This is insane. This spec allows the server to run arbitrary SQL
> > commands on the client, AFAICT. That seems like infinite joy for
> > malicious people running webservers. The more powerful the dialect of
> > SQL the client implements, the more dangerous it is.
>
> How is this different from the server asking the client to run an
> infinite loop in javascript?
So we already failed :-) It seems that being able to kill processes is
seen as "good enough" ... well, I guess I just don't visit many
malicious sites.
And this makes me think that SQLite is indeed the right tool for the job
here, and not PostgreSQL. If someone intrudes, it's going to be in the
same process running the web browser, not in some server running under
another user identity in the machine. That seems like a feature to me,
not a bug.
--
Álvaro Herrera <alvherre@commandprompt.com>
The PostgreSQL Company - Command Prompt, Inc.
PostgreSQL Replication, Consulting, Custom Development, 24x7 support
