Re: Let's make PostgreSQL multi-threaded - Mailing list pgsql-hackers

From Heikki Linnakangas
Subject Re: Let's make PostgreSQL multi-threaded
Date
Msg-id d8868273-9797-ea1f-4a2d-ddfe1ce43ffc@iki.fi
Whole thread Raw
In response to Re: Let's make PostgreSQL multi-threaded  (chap@anastigmatix.net)
Responses Re: Let's make PostgreSQL multi-threaded
List pgsql-hackers
On 06/06/2023 11:48, chap@anastigmatix.net wrote:
> And the devs of Java, in their immeasurable wisdom, have announced
> a "JDK Enhancement Proposal" (that's just what these things are
> called, don't blame Orwell), JEP 411[2][3], in which all of the
> Security Manager features that PL/Java relies on for bounds on
> 'trusted' behavior are deprecated for eventual removal with no
> functional replacement. I'd be even more leery of using one big
> shared JVM for everybody's work after that happens.

Ouch.

> Might the work toward allowing a run-time choice between a
> process or threaded model also make possible some
> intermediate models as well? A backend process for
> connections to a particular database, or with particular
> authentication credentials? Go through the authentication
> handshake and then sendfd the connected socket to the
> appropriate process. (Has every supported platform got
> something like sendfd?)

I'm afraid having multiple processes and JVMs doesn't help that. If you 
can escape the one JVM in one backend process, it's game over. Backend 
processes are not a security barrier, and you have the same problems 
with the current multi-process architecture, too.

https://github.com/greenplum-db/plcontainer is one approach. It launches 
a separate process for the PL, separate from the backend process, and 
sandboxes that.

-- 
Heikki Linnakangas
Neon (https://neon.tech)




pgsql-hackers by date:

Previous
From: Jacob Champion
Date:
Subject: Re: RFC: logical publication via inheritance root?
Next
From: Peter Eisentraut
Date:
Subject: Re: abi-compliance-checker