Re: Views, views, views: Summary of Arguments - Mailing list pgsql-hackers

From Merlin Moncure
Subject Re: Views, views, views: Summary of Arguments
Date
Msg-id 6EE64EF3AB31D5448D0007DD34EEB3415C284F@Herge.rcsinc.local
Whole thread Raw
Responses Re: Views, views, views: Summary of Arguments  (Tom Lane <tgl@sss.pgh.pa.us>)
List pgsql-hackers
Tom Lane wrote:
> "Merlin Moncure" <merlin.moncure@rcsonline.com> writes:
> > Argument 3: backwards compatibility.  Do you remember how
tablespaces
> > introduction broke pgAdmin?
>
> This argument, at least, is bogus.  See my original comments to Josh:
> it is not credible that these views will be significantly more stable
> than the underlying catalogs.  We don't change the catalogs on whims;
> we change them because we have to in order to make some significant
> improvement in functionality.  For instance, if this nested-schema
> idea goes in, the proposed views will have to change, or else become
> useless for most of the purposes they are being touted for.

Ok, I agree.

To be honest, I think the usability arguments are specious at best when
we have the information schema.  In fact, IMO it is a mistake to add a
third way of describing the database unless there were plans to make
significant changes to the system schema.

However, I think PostgreSQL has a fairly serious security problem in
that the system catalogs are open to the public.  I don't seem to be
winning many supporters on this particular point though.  I wonder if
people are aware just how much information a completely unprivileged
account can pull out of the database?

Including but not limited to:
1. all source code of user defined functions
2. list of all users on system (but not passwords)
etc.

Merlin


pgsql-hackers by date:

Previous
From: Tom Lane
Date:
Subject: Re: SQL_ASCII vs. 7-bit ASCII encodings
Next
From: Tom Lane
Date:
Subject: Re: Views, views, views: Summary of Arguments