Kyotaro HORIGUCHI <horiguchi.kyot...@lab.ntt.co.jp> writes:
> At Tue, 19 Mar 2019 08:18:23 +0000, "Wu, Fei" <wufei.f...@cn.fujitsu.com>
> wrote in
> <52E6E0843B9D774C8C73D6CF64402F05621F0FFC@G08CNEXMBPEKD02.g08.fujitsu.local>
>> I will try to fix it~
> I don't oppose that, but as the discussion linked from there [1],
> psql already has a feature that sends multiple statements by one
> PQexec() in two ways. Fixing it means making the features
> obsolete.
Yeah, the problem here is that a lot of people think that that's
a feature not a bug. You certainly can't get away with just summarily
changing the behavior of PQexec without any recourse. Maybe there
would be acceptance for either of
(1) a different function that is like PQexec but restricts the
query string
(2) a connection option or state variable that affects PQexec's
behavior --- but it probably still has to default to permissive.
Unfortunately, if the default behavior doesn't change, then there's little
argument for doing this at all. The security reasoning behind doing
anything in this area would be to provide an extra measure of protection
against SQL-injection attacks on carelessly-written clients, and of course
it's unlikely that a carelessly-written client would get changed to make
use of a non-default feature.
So that's why nothing has been done about this for umpteen years.
If somebody can think of a way to resolve this tension, maybe the
item will get finished; but it's not just a matter of writing some
code.
regards, tom lane
