Re: [COMMITTERS] pgsql: Add a hook in ExecCheckRTPerms(). - Mailing list pgsql-hackers

From Tom Lane
Subject Re: [COMMITTERS] pgsql: Add a hook in ExecCheckRTPerms().
Date
Msg-id 19475.1278863095@sss.pgh.pa.us
Whole thread Raw
In response to Re: [COMMITTERS] pgsql: Add a hook in ExecCheckRTPerms().  (Simon Riggs <simon@2ndQuadrant.com>)
Responses Re: [COMMITTERS] pgsql: Add a hook in ExecCheckRTPerms().
List pgsql-hackers
Simon Riggs <simon@2ndQuadrant.com> writes:
> On Fri, 2010-07-09 at 17:21 -0400, Tom Lane wrote:
>> I'd still want to see some evidence showing that it's worth
>> troubling over though.  Premature optimization being the root of all
>> evil, and all that.  (In this case, the hazard we expose ourselves to
>> seems to be security holes due to missed resets of the flag.)

> If we did this it would be to add one line to the code 
>     if (!perms_ok)

> That doesn't seem to fall into the category of evil optimization to me.

The problem I foresee is not in the testing of the flag, it's in the
setting/resetting of it.  It's a reliability penalty not a performance
penalty --- and any mistakes would count as security issues.

Now it may be that you can offer a convincing argument that no such
mistake/oversight is likely.  But you haven't even tried to make that
case.  Even if you can show that the risk is small, it's not going to
be zero, so we have to trade it off against a demonstrated performance
improvement.
        regards, tom lane


pgsql-hackers by date:

Previous
From: Boxuan Zhai
Date:
Subject: Re: gSoC - ADD MERGE COMMAND - code patch submission
Next
From: Robert Haas
Date:
Subject: Re: [COMMITTERS] pgsql: Add a hook in ExecCheckRTPerms().