On Mon, Sep 29, 2003 at 12:59:55PM -0400, Bruce Momjian wrote:
> working on. I think we have to get beyond the idea that this can be made
> failure-proof, and just outline the behaviors for failure, and it has to
> be configurable by the administrator.
Exactly. There are plenty of cases where graceless failure is
acceptable to someone as the right answer to the compromise. Of
course, this is not to pretend they're not compromises. There's a
world of difference between saying, "This is not safe, but if you
want to do it, here are some potential failure modes," and, "Hey, you
can use this even though it can't roll back 100% of the time, because
your application should check that." Any comparison with any actual
application I have had to use is strictly coincidental. ;-)
A
--
----
Andrew Sullivan 204-4141 Yonge Street
Afilias Canada Toronto, Ontario Canada
<andrew@libertyrms.info> M2P 2A8 +1 416 646 3304
x110
