tgl@sss.pgh.pa.us (Tom Lane) writes:
> Robert Haas <robertmhaas@gmail.com> writes:
>> On Mon, Dec 7, 2009 at 9:48 AM, Bruce Momjian <bruce@momjian.us> wrote:
>>> I wonder if we should rephrase this as, "How hard will this feature be
>>> to add, and how hard will it be to remove in a few years if we decide we
>>> don't want it?"
>
>> Yes, I think that's the right way to think about it. At a guess, it's
>> two man-months of work to get it in,
>
> It's not the "get it in" part that scares me. The problem I have with
> it is that I see it as a huge time sink for future maintenance problems,
> most of which will be classifiable as security breaches which increases
> the pain of dealing with them immeasurably.
Ah, yes, the importance of this is not to be underestimated...
Once "SE-Pg" is added in, *any* bug found in it is likely to be
considered a security bug, and hence a candidate for being a CERT
Advisory.
Some bad things are liable to happen:
a) Such problems turn into a "hue and cry" situation requiring dropping everything else to "fix the security
problem."
b) If everyone isn't using "SE-Pg", then people won't be particularly looking for bugs, and hence bugs are likely
tolinger somewhat, with the consequence that a) occurs with some frequency.
c) Having a series of CERT advisories issued is not going to be considered a good thing, reputation-wise!
I feel about the same way about this as I did about the adding of
"native Windows" support; I'm a bit concerned that this could be a
destabilizing influence. I was wrong back then; the Windows support
hasn't had the ill effects I was concerned it might have.
I'd hope that my concerns about "SE-Pg" are just as wrong as my concerns
about native Windows support. Hope doesn't make it so, alas...
--
select 'cbbrowne' || '@' || 'gmail.com';
http://www3.sympatico.ca/cbbrowne/languages.html
"Just because it's free doesn't mean you can afford it." -- Unknown
