Re: [PATCH] Re: [pgsql-advocacy] Why READ ONLY - Mailing list pgsql-patches

From Neil Conway
Subject Re: [PATCH] Re: [pgsql-advocacy] Why READ ONLY
Date
Msg-id 87ptf720lo.fsf@mailbox.samurai.com
In response to Re: [PATCH] Re: [pgsql-advocacy] Why READ ONLY transactions?  (Bruce Momjian <pgman@candle.pha.pa.us>)
List pgsql-patches

Bruce Momjian <pgman@candle.pha.pa.us> writes:
> I assume this patch is to control this way of breaking out of a
> read-only transaction:
> [...]
> This seems like a valuable feature, as others have mentioned.

Why is this feature valuable?

A "read only user" is still able to easily DOS the server, consume
arbitrary disk space[1], and prevent other users from accessing data
(using LOCK, for example). It has been a long-standing fact that
giving a user the ability to execute arbitrary SQL is a security hole;
if you plan to change that, ISTM that a lot more work is necessary.

-Neil

[1] Whether they are allowed to create temp tables or not: plenty of
other parts of the executor use temporary storage.
