On Tue, Apr 11, 2006 at 04:02:07PM -0700, Mischa Sandberg wrote:
> Anybody on this list hear/opine anything pf the GPUSort project for
> postgresql? I'm working on a radix-sort subcase for tuplesort, and there
> are similarities.
>
> http://www.andrew.cmu.edu/user/ngm/15-823/project/
I've heard
Neil,
> Perhaps a compromise would be to enable pl/pgsql by default, but not
> grant the USAGE privilege on it. This would allow superusers to define
> pl/pgsql functions without taking any additional steps. Non-superusers
> could be given access to pl/pgsql via a simple GRANT -- either for all
>
2006/4/8, Tom Lane <[EMAIL PROTECTED]>:
> I've never understood what the conceptual model is for Oracle's rownum.
> Where along the SQL operational pipeline (FROM / WHERE / GROUP BY /
> aggregate / compute output columns / ORDER BY) is it supposed to be
> computed? To be useful for the often-requ
> That's a fair point.
>
> Perhaps a compromise would be to enable pl/pgsql by default, but not
> grant the USAGE privilege on it. This would allow superusers to define
> pl/pgsql functions without taking any additional steps. Non-superusers
> could be given access to pl/pgsql via a simple GRANT
Anybody on this list hear/opine anything pf the GPUSort project for postgresql?
I'm working on a radix-sort subcase for tuplesort, and there are similarities.
http://www.andrew.cmu.edu/user/ngm/15-823/project/
--
Engineers think that equations approximate reality.
Physicists think that reality
On Tue, Apr 11, 2006 at 03:43:56PM -0700, Joshua D. Drake wrote:
> On Tue, 2006-04-11 at 19:35 -0300, Marc G. Fournier wrote:
> > On Tue, 11 Apr 2006, Joshua D. Drake wrote:
> >
> > >
> > >> No, but does that mean we should increase the potential by adding in
> > >> something that not everyone tha
On Tue, 2006-04-11 at 19:35 -0300, Marc G. Fournier wrote:
> On Tue, 11 Apr 2006, Joshua D. Drake wrote:
>
> >
> >> No, but does that mean we should increase the potential by adding in
> >> something that not everyone that runs PostgreSQL actually uses?
> >
> > Using this argument I could say that
On Tue, 11 Apr 2006, Joshua D. Drake wrote:
No, but does that mean we should increase the potential by adding in
something that not everyone that runs PostgreSQL actually uses?
Using this argument I could say that we don't need primary keys, foreign
keys, views or rules. Especially the latte
On Tue, 2006-04-11 at 17:20 -0400, Tom Lane wrote:
> No, I'm saying that having access to a PL renders certain classes of
> attacks significantly more efficient. A determined attacker with
> unlimited time may not care, but in the real world, security is
> relative.
That's a fair point.
Perhaps
Martijn van Oosterhout writes:
> --f2QGlHpHGjS2mn6Y
> On Tue, Apr 11, 2006 at 11:22:53PM +0200, Andreas Tille wrote:
>> I'm lacking experience here so I perfectly trust you that keeping
>> the default case as it is. The question is, whether adding an
>> option to change the default might make sen
On 2006-04-11, Tom Lane <[EMAIL PROTECTED]> wrote:
> More realistically, though, the theoretical point that you can do
> arbitrary calculations by turning loops into recursive SQL functions is
> mostly just theoretical,
It's not at all theoretical. The very practical problem of trying to write
cod
On 2006-04-11, Tom Lane <[EMAIL PROTECTED]> wrote:
> David Fetter <[EMAIL PROTECTED]> writes:
>> I don't get your not getting this 'cause you're a very smart guy. Are
>> you under the impression that an attacker will stop because he has to
>> try a few times?
>
> No, I'm saying that having access
> No, but does that mean we should increase the potential by adding in
> something that not everyone that runs PostgreSQL actually uses?
Using this argument I could say that we don't need primary keys, foreign
keys, views or rules. Especially the latter 3 ;).
Sincerely,
Joshua D. Drake
>
Tom Lane wrote:
In the end it's only one small component of security, but any security
expert will tell you that you take all the layers of security that you
can get. If you don't need a given bit of functionality, it shouldn't
get installed.
I think any security expert would say that if let no
On Sat, Apr 08, 2006 at 03:04:40PM -0400, Tom Lane wrote:
> Jan Wieck <[EMAIL PROTECTED]> writes:
> > My humble guess is that c) is also the reason why the ANSI didn't find a
> > ROWNUM desirable.
>
> I've never understood what the conceptual model is for Oracle's rownum.
> Where along the SQL op
Andreas Tille <[EMAIL PROTECTED]> writes:
> I'm lacking experience here so I perfectly trust you that keeping
> the default case as it is. The question is, whether adding an
> option to change the default might make sense.
I don't think so. The current API contract for aggregate functions is
tha
On Tue, Apr 11, 2006 at 05:20:02PM -0400, Tom Lane wrote:
> David Fetter <[EMAIL PROTECTED]> writes:
> > I don't get your not getting this 'cause you're a very smart guy.
> > Are you under the impression that an attacker will stop because he
> > has to try a few times?
>
> No, I'm saying that havi
On Tue, Apr 11, 2006 at 11:22:53PM +0200, Andreas Tille wrote:
> On Tue, 11 Apr 2006, Tom Lane wrote:
>
> >We could maybe change things so that the finalfunc isn't run unless the
> >result value is actually demanded in the SELECT list or HAVING clause,
> >but for 99.99% of applications checking th
On Tue, 11 Apr 2006, Joshua D. Drake wrote:
Can you guarantee unequivocally that there are absolutely not security
issues in plpgsql?
Can you guarantee unequivocally that there are absolutely not security issues
in PostgreSQL?
No, but does that mean we should increase the potential by add
> That's only going to be true for very high end systems with multiple raid
> controllers and dozens of spindles.
Not true. I have a system right now that would benifit. My database is
only 500 megs and I have 2 gig of ram and two processors... I only have
a raid 1, but that is o.k. because most
Are there are more possibilities for some bug in the plpgsql engine to allow an
exploit: actually changing the stack through a buffer overflow, or a bug in an
intrinsic function, or allowing an injection that crosses some privilege
boundary, via someone else's EXECUTE?
It's a lot easier to ver
On Tue, 11 Apr 2006, Tom Lane wrote:
We could maybe change things so that the finalfunc isn't run unless the
result value is actually demanded in the SELECT list or HAVING clause,
but for 99.99% of applications checking that would be a waste of cycles,
so I'm disinclined to do it.
I'm lacking
David Fetter <[EMAIL PROTECTED]> writes:
> I don't get your not getting this 'cause you're a very smart guy. Are
> you under the impression that an attacker will stop because he has to
> try a few times?
No, I'm saying that having access to a PL renders certain classes of
attacks significantly mo
On Tue, Apr 11, 2006 at 05:01:17PM -0400, Tom Lane wrote:
> David Fetter <[EMAIL PROTECTED]> writes:
> > On Tue, Apr 11, 2006 at 04:35:05PM -0400, Tom Lane wrote:
> >> More realistically, though, the theoretical point that you can do
> >> arbitrary calculations by turning loops into recursive SQL
>
David Fetter <[EMAIL PROTECTED]> writes:
> On Tue, Apr 11, 2006 at 04:35:05PM -0400, Tom Lane wrote:
>> More realistically, though, the theoretical point that you can do
>> arbitrary calculations by turning loops into recursive SQL functions
>> is mostly just theoretical, and the reason is that you
On Mon, Apr 10, 2006 at 01:36:45PM -0400, Alvaro Herrera wrote:
> Markus Schiltknecht wrote:
> > On Mon, 2006-04-10 at 17:22 +0800, Qingqing Zhou wrote:
> > > Check the code InitPostgres(). These global varaibles are scattered in
> > > many
> > > places, so I am not sure if it is easy to write cle
On Mon, Apr 10, 2006 at 05:22:13PM +0800, Qingqing Zhou wrote:
>
> "Markus Schiltknecht" <[EMAIL PROTECTED]> wrote
> > Hi Qingqing,
> >
> > >
> > > As Tom pointed out, without big change, a backend on database "D1" can't
> > > connect to "D2". This is because to connect to a database, we need to
>
On Tue, Apr 11, 2006 at 04:35:05PM -0400, Tom Lane wrote:
> "Jim C. Nasby" <[EMAIL PROTECTED]> writes:
> > Rather than debate how turing complete SQL is, look at the real
> > issue: is a compromised system with plPGSQL installed more
> > dangerous than a compromised system without plPGSQL. As far a
On Mon, Apr 10, 2006 at 12:02:56PM -0700, Luke Lonergan wrote:
> Hannu,
>
> On 4/10/06 2:23 AM, "Hannu Krosing" <[EMAIL PROTECTED]> wrote:
>
> >> The cost of fetching a page from the OS is not really much of an
> >> overhead,
> >
> > Have you tested this ?
>
> I have - the overhead of fetching
"Jim C. Nasby" <[EMAIL PROTECTED]> writes:
> Rather than debate how turing complete SQL is, look at the real issue:
> is a compromised system with plPGSQL installed more dangerous than a
> compromised system without plPGSQL. As far as I can see, it's not.
You're disregarding the possibility that p
On Mon, 10 Apr 2006, Tom Lane wrote:
Kris Jurka <[EMAIL PROTECTED]> writes:
The attached patch allows SET CONSTRAINTS to take a schema qualified
constraint name (myschema.t1_fk_t2) and when given a bare constraint name
it uses the search_path to determine the matching constraint instead of
th
On Mon, Apr 10, 2006 at 11:02:50PM -0700, David Fetter wrote:
> On Tue, Apr 11, 2006 at 12:47:03AM -0400, Tom Lane wrote:
> > "Joshua D. Drake" <[EMAIL PROTECTED]> writes:
> > > What does enabling plpgsql do via access that you can't just do from an
> > > SQL query?
> >
> > SQL isn't Turing-compl
On Mon, Apr 10, 2006 at 10:44:15AM +0100, Richard Huxton wrote:
> Bruce Momjian wrote:
> >
> > * Allow EXPLAIN output to be more easily processed by scripts
>
> Can I request an extension/additional point?
> * Design EXPLAIN output to survive cut & paste on mailing-lists
>
> Being able to pa
Stephen Frost wrote:
-- Start of PGP signed section.
> * Bruce Momjian (pgman@candle.pha.pa.us) wrote:
> > I updated the wording to say 'non-root users':
> >
> > If running in FreeBSD jails by enabling sysconf's
> > security.jail.sysvipc_allowed,
> > postmasters
> > runnin
* Bruce Momjian (pgman@candle.pha.pa.us) wrote:
> I updated the wording to say 'non-root users':
>
> If running in FreeBSD jails by enabling sysconf's
> security.jail.sysvipc_allowed, postmasters
> running in different jails should be run by different operating system
>
Stephen Frost wrote:
-- Start of PGP signed section.
> * Bruce Momjian (pgman@candle.pha.pa.us) wrote:
> >
> > + If running in FreeBSD jails by enabling sysconf's
> > + security.jail.sysvipc_allowed,
> > postmasters
> > + running in different jails should be run b
* Bruce Momjian (pgman@candle.pha.pa.us) wrote:
>
> + If running in FreeBSD jails by enabling sysconf's
> + security.jail.sysvipc_allowed,
> postmasters
> + running in different jails should be run by different operating
> system
> + users. This improves
[ FreeBSD email list removed.]
I totally agree, and have added the attached documentation patch to
recommend using different users in FreeBSD jails.
---
Stephen Frost wrote:
-- Start of PGP signed section.
> * Marc G. Fourn
Hi pg Hackers,
First I using PostgreSQL for four year now, and I would like to thank you all for your work :)
I'm currently doing a study about the Open Source database.
So I'm testing some of the contrib modules like dblink, tsearch, admin81 and I was using postgis a lot in a previous life.
All
"Joshua D. Drake" <[EMAIL PROTECTED]> writes:
> Well I am go out on a limb here and gather to guess that sequential scans and
> index scans are still very relevant because the CPU could be bound by the scan
> (either one) based on the type of query being performed.
>
> This doesn't really have an
On 4/11/06, Tom Lane <[EMAIL PROTECTED]> wrote:
> Good ways to answer this sort of question are:
>
> 1. Grep for references to some of the existing fields in the same catalog.
>
> 2. Look at the CVS diff for previous commits that added fields to the
> same catalog.
True, true.
--
Jonah H. Harris,
"Jonah H. Harris" <[EMAIL PROTECTED]> writes:
> On 4/11/06, Markus Schiltknecht <[EMAIL PROTECTED]> wrote:
>> I've only added the fields in include/catalog/pg_database.h. Do I need
>> to fiddle other places?
> Make sure you updated Natts_pg_database, the bootstrap DATA line, and
> the stuff in src
On 4/11/06, Markus Schiltknecht <[EMAIL PROTECTED]> wrote:
> dbcommands.c was the missing peace, thank you!
No problemo :)
--
Jonah H. Harris, Database Internals Architect
EnterpriseDB Corporation
732.331.1324
---(end of broadcast)---
TIP 6: explai
On Tue, 2006-04-11 at 14:07 -0400, Jonah H. Harris wrote:
> Make sure you updated Natts_pg_database, the bootstrap DATA line, and
> the stuff in src/backend/commands/dbcommands.c.
dbcommands.c was the missing peace, thank you!
Markus
---(end of broadcast)---
Greg Stark wrote:
Simon Riggs <[EMAIL PROTECTED]> writes:
I think it would be useful to think about exactly what type of
query/activity we are looking to improve the performance on. That way we
can understand the benefit of this proposal and take some baseline
measurements to analyse what is ha
On 4/11/06, Markus Schiltknecht <[EMAIL PROTECTED]> wrote:
> I've only added the fields in include/catalog/pg_database.h. Do I need
> to fiddle other places?
Make sure you updated Natts_pg_database, the bootstrap DATA line, and
the stuff in src/backend/commands/dbcommands.c.
Other than that I don
Greg Stark wrote:
> Even on Solaris I'm sure parsing and preparing plans for all the queries,
> building up the system table cache for all the objects in the database, and so
> on are much much more expensive than fork(). I wouldn't be surprised if even
> on windows it was still a pretty close rac
Alvaro Herrera <[EMAIL PROTECTED]> writes:
> Greg Stark wrote:
> > Alvaro Herrera <[EMAIL PROTECTED]> writes:
> >
> > > An idea arising in chat with Joshua Drake: the retargetting code, if it
> > > turns out to work and not be excessively expensive, could also be useful
> > > to implement a ser
Hi,
I'm trying to add fields to pg_database in the system catalog. As long
as I add fixed-size fields before the VAR LENGTH ones, that's all fine.
But adding a VAR LENGTH (text) field initdb fails at: copying template1
to template0. The child process 'postgres' fails with signal 11. Strange
enoug
On Tue, 2006-04-11 at 07:47, Myron Scott wrote:
> client
> or additional processing. Am I missing something in this analysis?
>
> I've attached my dtrace script.
>
To answer my own question, I suppose my processors are
relatively slow compared to most setups.
Myron Scott
---
Simon Riggs <[EMAIL PROTECTED]> writes:
> I think it would be useful to think about exactly what type of
> query/activity we are looking to improve the performance on. That way we
> can understand the benefit of this proposal and take some baseline
> measurements to analyse what is happening for
Greg Stark wrote:
> Alvaro Herrera <[EMAIL PROTECTED]> writes:
>
> > An idea arising in chat with Joshua Drake: the retargetting code, if it
> > turns out to work and not be excessively expensive, could also be useful
> > to implement a server-side "connection pooling" of sorts: the postmaster
>
Gaetano Mendola wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi all,
I'm trying to build the rpms for RH9,
I downloaded the srpm for RH9 but I'm stuck on these errors:
RH9 is not a supported platform by RedHat or PGDG.
Attempt a:
# rpmbuild --rebuild postgresql-8.0.7-1PGDG.src.rpm
Alvaro Herrera <[EMAIL PROTECTED]> writes:
> An idea arising in chat with Joshua Drake: the retargetting code, if it
> turns out to work and not be excessively expensive, could also be useful
> to implement a server-side "connection pooling" of sorts: the postmaster
> could keep idle backends and
Richard Huxton wrote:
Andrew - Supernews wrote:
On 2006-04-11, Tom Lane <[EMAIL PROTECTED]> wrote:
I don't feel a need to offer specific examples as requested by Andrew.
Why not? You're basing your entire argument on a false premise (that
pl/pgsql is more powerful than SQL); I can provide spe
Tom Lane wrote:
"Joshua D. Drake" <[EMAIL PROTECTED]> writes:
What does enabling plpgsql do via access that you can't just do from an
SQL query?
SQL isn't Turing-complete --- plpgsql is. So if our would-be hacker has
a need to do some computation incidental to his hack, he can certainly
get i
Can you guarantee unequivocally that there are absolutely not security
issues in plpgsql?
Can you guarantee unequivocally that there are absolutely not security
issues in PostgreSQL?
I believe Tom's point is that it is not possible to do so, and, since
plpgsql isn't something that all ap
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi all,
I'm trying to build the rpms for RH9,
I downloaded the srpm for RH9 but I'm stuck on these errors:
Attempt a:
# rpmbuild --rebuild postgresql-8.0.7-1PGDG.src.rpm
Installing postgresql-8.0.7-1PGDG.src.rpm
error: Failed build dependencies:
On Tue, 11 Apr 2006, Martijn van Oosterhout wrote:
Because there were no non-null rows, the system passed a NULL to the
final func. Seems you have two ways of dealing with this. Mark the
finalfunc as STRICT so the system won't call it with NULL. Or give the
agrregate an INITCOND which is an empt
Martijn van Oosterhout writes:
> The problem in your example is that you're using aggrgates in the case
> statement.
Yeah. The aggregate results are all computed before we start to evaluate
the SELECT output list --- the fact that the aggregate is referenced
within a CASE doesn't save you if the
On Tue, Apr 11, 2006 at 04:43:33PM +0200, Andreas Tille wrote:
> Hi,
>
> when dealing with a bug in the postgresql-plr interface I think
> I found a suboptimal method to process CASE statements. First
> to the problem:
> SELECT median(nonnull), median(mightbenull) from plrtest where flag = 0;
>
Hi,
when dealing with a bug in the postgresql-plr interface I think
I found a suboptimal method to process CASE statements. First
to the problem:
I'm using the Debian packaged version of PLR version 0.6.2-2 (Debian
testing) and found a problem calculating median from a set of
values that contai
On Mon, 2006-04-10 at 02:16, Martijn van Oosterhout wrote:
> The appears to be two seperate cases here though, one is to just farm
> out the read request to another process (basically aio), the other is
> to do actual processing there. The latter is obviously for more useful
> but requires a fair
Hi,
You have to start a background process, then attach to it. If this is
possible in eclipse then it should work.
Typically everyone uses gdb.
Dave
On 9-Apr-06, at 10:55 PM, 李峰 wrote:
pgsql-hackers!
Hi , I want to use eclipse to compiler the postgresql source code
and debug them on
On 2006-04-11, Richard Huxton wrote:
> Andrew - Supernews wrote:
>> On 2006-04-11, Tom Lane <[EMAIL PROTECTED]> wrote:
>>> I don't feel a need to offer specific examples as requested by Andrew.
>>
>> Why not? You're basing your entire argument on a false premise (that
>> pl/pgsql is more powerful
Andrew - Supernews wrote:
On 2006-04-11, Tom Lane <[EMAIL PROTECTED]> wrote:
I don't feel a need to offer specific examples as requested by Andrew.
Why not? You're basing your entire argument on a false premise (that
pl/pgsql is more powerful than SQL); I can provide specific examples of
why t
As I reviewed the win32/sema.c, there is some code that I am not clear, can
anybody explain please?
In semctl(SETVAL):
if (semun.val < sem_counts[semNum])
sops.sem_op = -1;
else
sops.sem_op = 1;
/* Quickly lock/unlock the semaphore (if we can) */
if (semop(semId, &sops, 1) <
67 matches
Mail list logo
