From: | Heikki Linnakangas <heikki(dot)linnakangas(at)enterprisedb(dot)com> |
---|---|
To: | Robert Haas <robertmhaas(at)gmail(dot)com> |
Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Greg Smith <greg(at)2ndquadrant(dot)com>, Joachim Wieland <joe(at)mcknight(dot)de>, Andrew Dunstan <andrew(at)dunslane(dot)net>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: WIP patch for parallel pg_dump |
Date: | 2010-12-06 14:45:36 |
Message-ID: | 4CFCF710.8040306@enterprisedb.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On 06.12.2010 14:57, Robert Haas wrote:
> On Mon, Dec 6, 2010 at 2:29 AM, Heikki Linnakangas
> <heikki(dot)linnakangas(at)enterprisedb(dot)com> wrote:
>> The client doesn't need to know anything about the snapshot blob that the
>> server gives it. It just needs to pass it back to the server through the
>> other connection. To the client, it's just an opaque chunk of bytes.
>
> I suppose that would work, but I still think it's a bad idea. We made
> this mistake with expression trees. Any oversight in the code that
> validates the chunk of bytes when it (or a modified version) is sent
> back to the server turns into a security hole.
True, but a snapshot is a lot simpler than an expression tree. It's
pretty much impossible to plug all the holes in the expression-tree
reading functions, and keep them hole-free in the future. The expression
tree format is constantly in flux. A snapshot, however, is a fairly
isolated small data structure that rarely changes.
> I think it's a whole
> lot simpler and cleaner to keep the representation details private to
> the server.
Well, then you need some sort of cross-backend communication, which is
always a bit clumsy.
--
Heikki Linnakangas
EnterpriseDB http://www.enterprisedb.com
From | Date | Subject | |
---|---|---|---|
Next Message | Oleg Bartunov | 2010-12-06 14:46:37 | Re: knngist - 0.8 |
Previous Message | Merlin Moncure | 2010-12-06 14:37:06 | Re: Suggesting a libpq addition |