Re: [COMMITTERS] pgsql: Add a hook in ExecCheckRTPerms(). - Mailing list pgsql-hackers

From Robert Haas
Subject Re: [COMMITTERS] pgsql: Add a hook in ExecCheckRTPerms().
Date
Msg-id DCFBF4B4-F3AD-47B5-9C3B-C9DD248197F1@gmail.com
Whole thread Raw
In response to Re: [COMMITTERS] pgsql: Add a hook in ExecCheckRTPerms().  (Tom Lane <tgl@sss.pgh.pa.us>)
List pgsql-hackers
On Jul 11, 2010, at 10:44 AM, Tom Lane <tgl@sss.pgh.pa.us> wrote:
> Simon Riggs <simon@2ndQuadrant.com> writes:
>> On Fri, 2010-07-09 at 17:21 -0400, Tom Lane wrote:
>>> I'd still want to see some evidence showing that it's worth
>>> troubling over though.  Premature optimization being the root of all
>>> evil, and all that.  (In this case, the hazard we expose ourselves to
>>> seems to be security holes due to missed resets of the flag.)
>
>> If we did this it would be to add one line to the code
>>    if (!perms_ok)
>
>> That doesn't seem to fall into the category of evil optimization to me.
>
> The problem I foresee is not in the testing of the flag, it's in the
> setting/resetting of it.  It's a reliability penalty not a performance
> penalty --- and any mistakes would count as security issues.
>
> Now it may be that you can offer a convincing argument that no such
> mistake/oversight is likely.  But you haven't even tried to make that
> case.  Even if you can show that the risk is small, it's not going to
> be zero, so we have to trade it off against a demonstrated performance
> improvement.

There's no point in going back and forth here until we have a patch and the results of some performance testing using
saidpatch. If Simon writes one and submits it with some results, we'll consider it on the merits. I think that's all
Simonis asking for, and I don't think anyone is seriously arguing anything to the contrary. Like Tom, I'm skeptical
thatthere is much performance to be found here, but if I'm wrong, I'm happy to have someone demonstrate it. 

...Robert

pgsql-hackers by date:

Previous
From: Tom Lane
Date:
Subject: Re: [COMMITTERS] pgsql: Add a hook in ExecCheckRTPerms().
Next
From: Tom Lane
Date:
Subject: crash-recovery replay of CREATE TABLESPACE is broken in HEAD