Re: [HACKERS] Disallowing multiple queries per PQexec() - Mailing list pgsql-hackers

From Peter Eisentraut
Subject Re: [HACKERS] Disallowing multiple queries per PQexec()
Date
Msg-id 12f11da6-52b1-3738-6431-7a67d60d5078@2ndquadrant.com
Whole thread Raw
In response to Re: [HACKERS] Disallowing multiple queries per PQexec()  (Surafel Temesgen <surafel3000@gmail.com>)
List pgsql-hackers
On 6/14/17 10:05, Surafel Temesgen wrote:
>     PGC_POSTMASTER implies that it's an instance-wide setting.
>     Is is intentional? I can understand that it's more secure for this
>     not to
>     be changeable in an existing session, but it's also much less usable
>     if you
>     can't set it per-database and per-user.
>     Maybe it should be PGC_SUSET ?
> 
> It’s my misunderstanding I thought PGC_POSTMASTER set only by 
> superuser and changed with a hard restart 
> 
> I attach a patch that incorporate the comments and uses similar routines
> with the rest of the file rather than using command tag

After reviewing the discussion, I'm inclined to reject this patch.
Several people have spoken out strongly against this patch.  It's clear
that this feature wouldn't actually offer any absolute protection; it
just closes one particular hole.  On the other hand, it introduces a
maintenance and management burden.

We already have libpq APIs that offer a more comprehensive protection
against SQL injection, so we can encourage users to use those, instead
of relying on uncertain measures such as this.

-- 
Peter Eisentraut              http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services



pgsql-hackers by date:

Previous
From: Chris Travers
Date:
Subject: Re: [HACKERS] Proposal: pg_rewind to skip config files
Next
From: Chris Travers
Date:
Subject: Re: [HACKERS] Proposal: pg_rewind to skip config files