Re: Prevent pg_basebackup -Fp -D -?

Lists: pgsql-hackers
From: Magnus Hagander <magnus(at)hagander(dot)net>
To: PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject: Prevent pg_basebackup -Fp -D -?
Date: 2013-10-02 14:31:49
Message-ID: CABUevEw3wdhGqPq=oo9yzr9EOsFL_zzXSn_gk0kJbJx-4UVvGA@mail.gmail.com

Right now, if you use

pg_basebackup -Ft -D -

you get a tarfile, written to stdout, for redirection.

However, if you use:

pg_basebackup -Fp -D -

you get a plaintext (unpackaged) backup, in a directory called "-".

I can't think of a single use case where this is a good idea. Therefore,
I would suggest we simply throw an error in this case, instead of
creating the directory. Only for the specific case of specifying
exactly "-" as a directory.

Comments?

Also, if we do that, is this something we should consider
backpatchable? It's not strictly speaking a bugfix, but I'd say it
fixes some seriously annoying behavior.

--
Magnus Hagander
Me: http://www.hagander.net/
Work: http://www.redpill-linpro.com/
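
The check proposed in the message above, sketched as a wrapper-side shell function. This is an added example, not part of the original message and not PostgreSQL code: `basebackup_target_check` is a hypothetical name, and it parses only the `-F`/`--format` and `-D`/`--pgdata` options, treating plain as the default format.

```bash
#!/usr/bin/env bash
# Added example (hypothetical helper, not PostgreSQL code).
# Classifies a pg_basebackup argument list by how "-" as target is treated.
# Prints: stdout-tar | rejected-plain-dash | directory (or an error word).
# Assumption: only -F/--format and -D/--pgdata are parsed; values of other
# options are not skipped, so call it with those two options only.
basebackup_target_check() {
    local format="p" target=""      # plain is pg_basebackup's default format
    while [ "$#" -gt 0 ]; do
        case "$1" in
            -F|--format|-D|--pgdata)
                [ "$#" -ge 2 ] || { echo "missing-value"; return 2; }
                case "$1" in
                    -F|--format) format="$2" ;;
                    *)           target="$2" ;;
                esac
                shift ;;
            --format=*) format="${1#--format=}" ;;
            --pgdata=*) target="${1#--pgdata=}" ;;
            -F?*)       format="${1#-F}" ;;     # attached form, e.g. -Fp
            -D?*)       target="${1#-D}" ;;     # attached form, e.g. -D-
        esac
        shift
    done
    case "$format" in
        p|plain) format="plain" ;;
        t|tar)   format="tar" ;;
        *)       echo "unknown-format"; return 2 ;;
    esac
    if [ -z "$target" ]; then
        echo "no-target"; return 2
    elif [ "$target" != "-" ]; then
        echo "directory"            # ordinary directory name, nothing ambiguous
    elif [ "$format" = "tar" ]; then
        echo "stdout-tar"           # -Ft -D - : tar stream written to stdout
    else
        echo "rejected-plain-dash"  # -Fp -D - : would create a directory "-"
        return 1
    fi
}
```

A backup script can call this before invoking pg_basebackup and abort on a non-zero return, so an operator who expected a pipe does not end up with a directory named "-".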


From: Michael Paquier <michael(dot)paquier(at)gmail(dot)com>
To: Magnus Hagander <magnus(at)hagander(dot)net>
Cc: PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Prevent pg_basebackup -Fp -D -?
Date: 2013-10-03 00:47:18
Message-ID: CAB7nPqQRDr8RuFAK+AFh0FtHk2JXYD1jndm=-sp4EEGDuUrbRA@mail.gmail.com

On Wed, Oct 2, 2013 at 11:31 PM, Magnus Hagander <magnus(at)hagander(dot)net> wrote:
> Right now, if you use
>
> pg_basebackup -Ft -D -
>
> you get a tarfile, written to stdout, for redirection.
>
> However, if you use:
>
> pg_basebackup -Fp -D -
>
> you get a plaintext (unpackaged) backup, in a directory called "-".
>
> I can't think of a single use case where this is a good idea. Therefore,
> I would suggest we simply throw an error in this case, instead of
> creating the directory. Only for the specific case of specifying
> exactly "-" as a directory.
>
> Comments?
Isn't this a non-problem? This behavior is in line with the
documentation, so I would suspect that if the directory name is
specified as "-" in plain mode, it should create the folder with this
name.
Do you consider having a folder of this name an annoyance?

> Also, if we do that, is this something we should consider
> backpatchable? It's not strictly speaking a bugfix, but I'd say it
> fixes some seriously annoying behavior.
This would change the spec of pg_basebackup, so no? Does the current
behavior have potential security issues?

My 2c. Regards,
--
Michael


From: Josh Berkus <josh(at)agliodbs(dot)com>
To: pgsql-hackers(at)postgresql(dot)org
Subject: Re: Prevent pg_basebackup -Fp -D -?
Date: 2013-10-03 01:10:39
Message-ID: 524CC40F.1000506@agliodbs.com

On 10/02/2013 05:47 PM, Michael Paquier wrote:
> On Wed, Oct 2, 2013 at 11:31 PM, Magnus Hagander <magnus(at)hagander(dot)net> wrote:
>> Right now, if you use
>>
>> pg_basebackup -Ft -D -
>>
>> you get a tarfile, written to stdout, for redirection.
>>
>> However, if you use:
>>
>> pg_basebackup -Fp -D -
>>
>> you get a plaintext (unpackaged) backup, in a directory called "-".
>>
>> I can't think of a single use case where this is a good idea. Therefore,
>> I would suggest we simply throw an error in this case, instead of
>> creating the directory. Only for the specific case of specifying
>> exactly "-" as a directory.
>>
>> Comments?

I can see fixing this going forwards, but it doesn't seem worth
backpatching.

--
Josh Berkus
PostgreSQL Experts Inc.
http://pgexperts.com


From: Magnus Hagander <magnus(at)hagander(dot)net>
To: Michael Paquier <michael(dot)paquier(at)gmail(dot)com>
Cc: PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Prevent pg_basebackup -Fp -D -?
Date: 2013-10-03 04:50:57
Message-ID: CABUevEyjJAyL1FdZ3p5AvUHTqv8BxM1vpHnPC6vr=p13ZGMOZA@mail.gmail.com

On Oct 3, 2013 2:47 AM, "Michael Paquier" <michael(dot)paquier(at)gmail(dot)com> wrote:
>
> On Wed, Oct 2, 2013 at 11:31 PM, Magnus Hagander <magnus(at)hagander(dot)net> wrote:
> > Right now, if you use
> >
> > pg_basebackup -Ft -D -
> >
> > you get a tarfile, written to stdout, for redirection.
> >
> > However, if you use:
> >
> > pg_basebackup -Fp -D -
> >
> > you get a plaintext (unpackaged) backup, in a directory called "-".
> >
> > I can't think of a single use case where this is a good idea. Therefore,
> > I would suggest we simply throw an error in this case, instead of
> > creating the directory. Only for the specific case of specifying
> > exactly "-" as a directory.
> >
> > Comments?
> Isn't this a non-problem? This behavior is in line with the
> documentation, so I would suspect that if the directory name is
> specified as "-" in plain mode, it should create the folder with this
> name.
> Do you consider having a folder of this name an annoyance?

Yes, that is exactly the point - I do consider that an annoyance, and I
don't see the use case where you'd actually want it. I bet 100% of the
users of that have been accidental, thinking they'd get the pipe, not the
directory.

> > Also, if we do that, is this something we should consider
> > backpatchable? It's not strictly speaking a bugfix, but I'd say it
> > fixes some seriously annoying behavior.
> This would change the spec of pg_basebackup, so no? Does the current
> behavior have potential security issues?

No, there are no security issues that I can see. Just annoyance. And yes, I
guess it would change the spec, so backpatching might be a bad idea..

/Magnus


From: Bruce Momjian <bruce(at)momjian(dot)us>
To: Magnus Hagander <magnus(at)hagander(dot)net>
Cc: Michael Paquier <michael(dot)paquier(at)gmail(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Prevent pg_basebackup -Fp -D -?
Date: 2014-02-13 03:10:58
Message-ID: 20140213031058.GF4831@momjian.us

On Thu, Oct 3, 2013 at 06:50:57AM +0200, Magnus Hagander wrote:
>
> On Oct 3, 2013 2:47 AM, "Michael Paquier" <michael(dot)paquier(at)gmail(dot)com> wrote:
> >
> > On Wed, Oct 2, 2013 at 11:31 PM, Magnus Hagander <magnus(at)hagander(dot)net> wrote:
> > > Right now, if you use
> > >
> > > pg_basebackup -Ft -D -
> > >
> > > you get a tarfile, written to stdout, for redirection.
> > >
> > > However, if you use:
> > >
> > > pg_basebackup -Fp -D -
> > >
> > > you get a plaintext (unpackaged) backup, in a directory called "-".
> > >
> > > I can't think of a single use case where this is a good idea. Therefore,
> > > I would suggest we simply throw an error in this case, instead of
> > > creating the directory. Only for the specific case of specifying
> > > exactly "-" as a directory.
> > >
> > > Comments?
> > Isn't this a non-problem? This behavior is in line with the
> > documentation, so I would suspect that if the directory name is
> > specified as "-" in plain mode, it should create the folder with this
> > name.
> > Do you consider having a folder of this name an annoyance?
>
> Yes, that is exactly the point - I do consider that an annoyance, and I don't
> see the use case where you'd actually want it. I bet 100% of the users of that
> have been accidental, thinking they'd get the pipe, not the directory.
>
> > > Also, if we do that, is this something we should consider
> > > backpatchable? It's not strictly speaking a bugfix, but I'd say it
> > > fixes some seriously annoying behavior.
> > This would change the spec of pg_basebackup, so no? Does the current
> > behavior have potential security issues?
>
> No, there are no security issues that I can see. Just annoyance. And yes, I
> guess it would change the spec, so backpatching might be a bad idea..

Has this been fixed? If so, I don't see it.

--
Bruce Momjian <bruce(at)momjian(dot)us> http://momjian.us
EnterpriseDB http://enterprisedb.com

+ Everyone has their own god. +


From: Magnus Hagander <magnus(at)hagander(dot)net>
To: Bruce Momjian <bruce(at)momjian(dot)us>
Cc: Michael Paquier <michael(dot)paquier(at)gmail(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Prevent pg_basebackup -Fp -D -?
Date: 2014-02-13 13:43:40
Message-ID: CABUevEwKY6yKZ03n6rx4KCZRAmiqoc0PDsmEj0+-b+mqM2Q6xw@mail.gmail.com

On Thu, Feb 13, 2014 at 4:10 AM, Bruce Momjian <bruce(at)momjian(dot)us> wrote:

> On Thu, Oct 3, 2013 at 06:50:57AM +0200, Magnus Hagander wrote:
> >
> > On Oct 3, 2013 2:47 AM, "Michael Paquier" <michael(dot)paquier(at)gmail(dot)com> wrote:
> > >
> > > On Wed, Oct 2, 2013 at 11:31 PM, Magnus Hagander <magnus(at)hagander(dot)net> wrote:
> > > > Right now, if you use
> > > >
> > > > pg_basebackup -Ft -D -
> > > >
> > > > you get a tarfile, written to stdout, for redirection.
> > > >
> > > > However, if you use:
> > > >
> > > > pg_basebackup -Fp -D -
> > > >
> > > > you get a plaintext (unpackaged) backup, in a directory called "-".
> > > >
> > > > I can't think of a single use case where this is a good idea. Therefore,
> > > > I would suggest we simply throw an error in this case, instead of
> > > > creating the directory. Only for the specific case of specifying
> > > > exactly "-" as a directory.
> > > >
> > > > Comments?
> > > Isn't this a non-problem? This behavior is in line with the
> > > documentation, so I would suspect that if the directory name is
> > > specified as "-" in plain mode, it should create the folder with this
> > > name.
> > > Do you consider having a folder of this name an annoyance?
> >
> > Yes, that is exactly the point - I do consider that an annoyance, and I don't
> > see the use case where you'd actually want it. I bet 100% of the users of that
> > have been accidental, thinking they'd get the pipe, not the directory.
> >
> > > > Also, if we do that, is this something we should consider
> > > > backpatchable? It's not strictly speaking a bugfix, but I'd say it
> > > > fixes some seriously annoying behavior.
> > > This would change the spec of pg_basebackup, so no? Does the current
> > > behavior have potential security issues?
> >
> > No, there are no security issues that I can see. Just annoyance. And yes, I
> > guess it would change the spec, so backpatching might be a bad idea..
>
> Has this been fixed? If so, I don't see it.
>

It has not. I think the thread wasn't entirely clear on if we wanted it or
not, which is why I was waiting for more input from others. And then
promptly forgot about it since nobody spoke up :)

--
Magnus Hagander
Me: http://www.hagander.net/
Work: http://www.redpill-linpro.com/