| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Curt Sampson <cjs(at)cynic(dot)net> |
| Cc: | Sander Steffann <sander(at)steffann(dot)nl>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: Schema (namespace) privilege details |
| Date: | 2002-04-20 04:06:11 |
| Message-ID: | 18320.1019275571@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Curt Sampson <cjs(at)cynic(dot)net> writes:
> On Fri, 19 Apr 2002, Sander Steffann wrote:
>> I can't think of a reason that [creation of] temp tables should
>> be prevented.
> Maybe to keep hostile users from filling up your disk?
That does come to mind --- but if you've let hostile users into
your database, filling your disk is not exactly the smallest problem
they could cause. They can very easily cause DOS problems just based
on overconsumption of CPU cycles, or on crashing your server constantly.
(Cm'on, we all know that can be done.) Even more to the point, is there
nothing in your database that you'd not want published to the entire
world? There's got to be a certain amount of trust level between you
and the persons you allow SQL-command-level access to your database.
If not, you ought to be interposing another level of software.
My current proposal for schema protection does include a TEMP-table-
creation right ... but to be honest I am not convinced that it'd be
worth the trouble to implement it. Comments anyone?
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Lincoln Yeoh | 2002-04-20 04:10:23 | Re: Index Scans become Seq Scans after VACUUM ANALYSE |
| Previous Message | Tom Lane | 2002-04-20 03:37:35 | Re: general design question |