Re: [HACKERS] Time zone database

2011-03-03 Thread Andrew Sullivan
s quick to cope with changes. (The IETF is not a speedy way to get anything done.) I think that's the biggest reservation I've heard expressed. Anyway, as long as nobody's worried, I can stand mute :) Thanks for the reply. A -- Andrew Sullivan a...@crankycanuck.ca -- Sent vi

[HACKERS] Time zone database

2011-03-03 Thread Andrew Sullivan
just saw it in passing and remember some of the annoyances that happened in the past. Also, if you want me to see what you have to say, send your mail directly to me or cc: me. I can't really keep up with the volume on this list, and I'm likely to miss it if it's only here. B

Re: [HACKERS] How to get SE-PostgreSQL acceptable

2009-01-28 Thread Andrew Sullivan
de-off. But I think that's what the resistance to the feature is all about, so you'll need to make the case that the trade-off is a good one. A -- Andrew Sullivan a...@crankycanuck.ca -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers

Re: [HACKERS] 8.4 release planning

2009-01-28 Thread Andrew Sullivan
the database system under such controls, as though it were a glorified filesystem. I have no idea whether it will work; but to my way of thinking, it's a mindset foreign to the principles of RDBM system design. That could be why some of us react to the proposal with perplexed looks.

Re: [HACKERS] 8.4 release planning

2009-01-27 Thread Andrew Sullivan
a roadmap of how the patches solve the problem, I'm at a loss. And last I checked (which was, admittedly, not today), the project pages didn't have that information. A -- Andrew Sullivan a...@crankycanuck.ca

Re: [HACKERS] Pluggable Indexes

2009-01-21 Thread Andrew Sullivan
distinguish between "bad idea in principle" and "bad idea in this case". If you're arguing the former, clarifying why the analogies aren't relevant would be helpful. A -- Andrew Sullivan a...@crankycanuck.ca

Re: [HACKERS] Well done, Hackers

2008-11-01 Thread Andrew Sullivan
st release using the commitfest model, so there will be things to learn from the 1.0 attempt. A -- Andrew Sullivan [EMAIL PROTECTED] +1 503 667 4564 x104 http://www.commandprompt.com/

Re: [HACKERS] PostgreSQL + Replicator developer meeting 10/28

2008-10-29 Thread Andrew Sullivan
the case with any product I've ever built, but it is a design I have seen deployed. That design was supposed to be on top of Oracle. There were well over 50 slaves. I don't really believe they had that many Oracle-using slaves, though. A -- Andrew Sullivan [EMAIL PROTECTED] +1 503

Re: [HACKERS] Unicode escapes in literals

2008-10-23 Thread Andrew Sullivan
h "U+" followed by 4-6 hexadecimal units, but "+" is problematic for other reasons (in some vendor's implementation)? A -- Andrew Sullivan [EMAIL PROTECTED] +1 503 667 4564 x104 http://www.commandprompt.com/

Re: [HACKERS] psql Feature request \set query

2008-10-23 Thread Andrew Sullivan
On Wed, Oct 22, 2008 at 04:14:11PM -0700, Joshua Drake wrote: > > True enough, but a car doesn't roll without at least four wheels. I'm not sure I agree: http://en.wikipedia.org/wiki/Image:1885Benz.jpg (Sorry, I couldn't resist.) -- Andrew Sullivan [EMAIL PROTECTED] +1 5

Re: [HACKERS] SSL cleanups/hostname verification

2008-10-21 Thread Andrew Sullivan
might be better to call the authentication method TLS, so as not to conflate it with the Netscape-defined SSL. But this is maybe straying into a different topic.] -- Andrew Sullivan [EMAIL PROTECTED] +1 503 667 4564 x104 http://www.commandprompt.com/

Re: [HACKERS] Updates of SE-PostgreSQL 8.4devel patches

2008-10-10 Thread Andrew Sullivan
On Fri, Oct 10, 2008 at 01:44:49PM +0900, KaiGai Kohei wrote: > Andrew Sullivan wrote: >> I want to focus on this description, because you appear to be limiting >> the problem scope tremendously here. We've moved from "general >> security policy for database

Re: [HACKERS] Updates of SE-PostgreSQL 8.4devel patches

2008-10-10 Thread Andrew Sullivan
ing to point out that what are the obvious areas of access control from one point of view are not even interesting from another. This is why I think a fairly complete analysis is needed (and why I think it hasn't been done yet). A -- Andrew Sullivan [EMAIL PROTECTED] +1 503 667 4564 x104 http:

Re: [HACKERS] Updates of SE-PostgreSQL 8.4devel patches

2008-10-09 Thread Andrew Sullivan
uggesting that some additional work clarifying the specific goals of the work is all that's really needed. A -- Andrew Sullivan [EMAIL PROTECTED] +1 503 667 4564 x104 http://www.commandprompt.com/

Re: [HACKERS] Updates of SE-PostgreSQL 8.4devel patches

2008-10-09 Thread Andrew Sullivan
ble for anyone to review the implementation of such a big feature and say whether it does what it intends to do. A -- Andrew Sullivan [EMAIL PROTECTED] +1 503 667 4564 x104 http://www.commandprompt.com/

Re: [HACKERS] Updates of SE-PostgreSQL 8.4devel patches

2008-09-26 Thread Andrew Sullivan
he proposed use cases. A -- Andrew Sullivan [EMAIL PROTECTED] +1 503 667 4564 x104 http://www.commandprompt.com/

Re: [HACKERS] Updates of SE-PostgreSQL 8.4devel patches

2008-09-26 Thread Andrew Sullivan
this is helpful, A -- Andrew Sullivan [EMAIL PROTECTED] +1 503 667 4564 x104 http://www.commandprompt.com/

Re: [HACKERS] Updates of SE-PostgreSQL 8.4devel patches

2008-09-26 Thread Andrew Sullivan
ve they published it where we can find it? I have a couple contacts in the security world who might be able to help with references. I'm asking them now. A -- Andrew Sullivan [EMAIL PROTECTED] +1 503 667 4564 x104 http://www.commandprompt.com/

Re: [HACKERS] Updates of SE-PostgreSQL 8.4devel patches

2008-09-26 Thread Andrew Sullivan
"possible disclosure of existence of datum". I think this will be a lot of work, and I'm not volunteering to do it. I nevertheless think that without it, the SE-PostgreSQL features will continue to be a very awkward fit. A -- Andrew Sullivan [EMAIL PROTECTED] +1 503 667 4564 x104 http

Re: [HACKERS] Do we really need a 7.4.22 release now?

2008-09-18 Thread Andrew Sullivan
On Thu, Sep 18, 2008 at 03:25:10PM -, Greg Sabino Mullane wrote: > Frankly, the whole pg_dump mess is what keeps many people on older versions, > sometimes including 7.4. This isn't my experience. The reasons people stay on older releases are manifold. A -- Andrew Sullivan [EMAI

Re: [HACKERS] [PATCH] Cleanup of GUC units code

2008-09-04 Thread Andrew Sullivan
to be that different people's common sense leads them to different conclusions. (We had a devastating government in Ontario some years ago that claimed to be doing things that were just common sense; the Province is still cleaning up the mess.) A -- Andrew Sullivan [EMAIL PROTECTED] +1 503

Re: [HACKERS] [PATCH] Cleanup of GUC units code

2008-09-04 Thread Andrew Sullivan
at harried administrators have to spell these options correctly. Why can't we parse all the file, separating each label by "_". Then if any arrangements of those labels matches a "real" configuration parameter, select that one as the thing to match and

Re: [HACKERS] [PATCH] Cleanup of GUC units code

2008-09-03 Thread Andrew Sullivan
to me. A -- Andrew Sullivan [EMAIL PROTECTED] +1 503 667 4564 x104 http://www.commandprompt.com/

Re: [HACKERS] [PATCH] Cleanup of GUC units code

2008-09-03 Thread Andrew Sullivan
his sort is a serious one, given the orders of magnitude difference. A -- Andrew Sullivan [EMAIL PROTECTED] +1 503 667 4564 x104 http://www.commandprompt.com/

Re: [HACKERS] Patch: plan invalidation vs stored procedures

2008-08-20 Thread Andrew Sullivan
On Wed, Aug 20, 2008 at 05:03:19PM +0300, Asko Oja wrote: > > Lets get on with 8.4 Oh, I shoulda mentioned that, too -- I completely support doing this work for 8.4. (I can think of more than one case where this feature alone would be worth the upgrade.) A -- Andrew Sullivan [EMAIL PRO

Re: [HACKERS] Patch: plan invalidation vs stored procedures

2008-08-20 Thread Andrew Sullivan
the advantage offered by having the source. But the idea that the new functionality should be patched back by the project because one is impatient is not on. A -- Andrew Sullivan [EMAIL PROTECTED] +1 503 667 4564 x104 http://www.commandprompt.com/

Re: [HACKERS] Patch: plan invalidation vs stored procedures

2008-08-19 Thread Andrew Sullivan
at we have lived with in older releases because fixing them was too risky or because the bug was so tiny or unusual as to make the risk greater than the reward. A formal policy that's any more detailed than what's in the FAQ today is a solution in search of a problem. A -- Andrew Sul

Re: [HACKERS] Patch: plan invalidation vs stored procedures

2008-08-19 Thread Andrew Sullivan
t means "we have already decided to back-patch". A -- Andrew Sullivan [EMAIL PROTECTED] +1 503 667 4564 x104 http://www.commandprompt.com/

Re: [HACKERS] Should creating a new base type require superuser status?

2008-07-31 Thread Andrew Sullivan
On Wed, Jul 30, 2008 at 06:07:53PM -0400, Alvaro Herrera wrote: > I do agree that creating base types should require a superuser though. > It too seems dangerous just on principle, even if today there's no > actual hole (that we already know of). I agree. -- Andrew Sullivan [E

Re: [HACKERS] [patch] plproxy v2

2008-07-22 Thread Andrew Sullivan
pparatus > that isn't "secure by default". This definitely isn't, and from > a PR point of view (if nothing else) that doesn't seem a good idea. I'm less worried about the PR, and more worried about the truck-sized hole this opens in any authentication cont

Re: [HACKERS] Load spikes on 8.1.11

2008-07-21 Thread Andrew Sullivan
no cost. You still have to talk to all those connections when doing schema changes. A -- Andrew Sullivan [EMAIL PROTECTED] +1 503 667 4564 x104 http://www.commandprompt.com/

Re: [HACKERS] Do we really want to migrate plproxy and citext into PG core distribution?

2008-07-21 Thread Andrew Sullivan
the answer to that is not an infinitely large source tarball? A -- Andrew Sullivan [EMAIL PROTECTED] +1 503 667 4564 x104 http://www.commandprompt.com/

Re: [HACKERS] Load spikes on 8.1.11

2008-07-21 Thread Andrew Sullivan
ms. Slony takes some heavy-duty locks when it does its setup work. It's designed that you should have an application outage for this sort of work. Please see previous discussion on the Slony mailing list. A -- Andrew Sullivan [EMAIL PROTECTED] +1 503 667 4564 x104 http://www.commandprompt.com

Re: [HACKERS] Load spikes on 8.1.11

2008-07-17 Thread Andrew Sullivan
the Slony manual. Slony, frankly, sucks for this use case. The manual says as much, although in more orotund phrases than that. A -- Andrew Sullivan [EMAIL PROTECTED] +1 503 667 4564 x104 http://www.commandprompt.com/

Re: [HACKERS] Load spikes on 8.1.11

2008-07-17 Thread Andrew Sullivan
oblems. This will for sure cause spikes. You need to tell us more about what you're doing. And I bet some of it belongs on the slony lists. A -- Andrew Sullivan [EMAIL PROTECTED] +1 503 667 4564 x104 http://www.commandprompt.com/

Re: [HACKERS] A new take on the foot-gun meme

2008-06-30 Thread Andrew Sullivan
et-guns. People will complain we are interfering with their right to bare feet. Or something. (Apologies, everyone. I guess I better go have more coffee.) A -- Andrew Sullivan [EMAIL PROTECTED] +1 503 667 4564 x104 http://www.commandprompt.com/

Re: [HACKERS] TODO Item: Allow pg_hba.conf to specify host names along with IP addresses

2008-06-16 Thread Andrew Sullivan
's coming from; that's hardly strong authentication. I agree with Andrew Dunstan that for any real world wide-scale uses, you want to use some sort of strong authentication. A -- Andrew Sullivan [EMAIL PROTECTED] +1 503 667 4564 x104 http://www.commandprompt.com/

Re: [HACKERS] TODO Item: Allow pg_hba.conf to specify host names along with IP addresses

2008-06-16 Thread Andrew Sullivan
idance at all. I'd be keenly interested in hearing the verdict. A [1] http://tools.ietf.org/wg/dnsop/draft-ietf-dnsop-reverse-mapping-considerations/ -- Andrew Sullivan [EMAIL PROTECTED] +1 503 667 4564 x104 http://www.commandprompt.com/

Re: [HACKERS] TODO Item: Allow pg_hba.conf to specify host names along with IP addresses

2008-06-16 Thread Andrew Sullivan
On Sun, Jun 15, 2008 at 11:53:57PM +0200, Peter Eisentraut wrote: > > Isn't that what a local DNS caching-only server would accomplish? Only if you looked up the DNS name at auth time :) A -- Andrew Sullivan [EMAIL PROTECTED] +1 503 667 4564 x104 http://www.commandprompt.com/ -

Re: [HACKERS] TODO Item: Allow pg_hba.conf to specify host names along with IP addresses

2008-06-13 Thread Andrew Sullivan
h sysadmins have the worst record of trust to this day. I think we'd be fools to encourage such trust. If you don't look up at _least_ at connection time, this feature should be rejected on the grounds that it opens a new authentication hole a mile wide. A -- Andrew

Re: [HACKERS] TODO Item: Allow pg_hba.conf to specify host names along with IP addresses

2008-06-13 Thread Andrew Sullivan
you have the right hostname even if the forward and reverse hostnames don't match. A -- Andrew Sullivan [EMAIL PROTECTED] +1 503 667 4564 x104 http://www.commandprompt.com/

Re: [HACKERS] Core team statement on replication in PostgreSQL

2008-06-04 Thread Andrew Sullivan
e mails still archived > somewhere? Unless whoever was operating that list moved it to pgfoundry, I doubt it (except on backups somewhere). A -- Andrew Sullivan [EMAIL PROTECTED] +1 503 667 4564 x104 http://www.commandprompt.com/

Re: [HACKERS] Core team statement on replication in PostgreSQL

2008-06-03 Thread Andrew Sullivan
On Sun, Jun 01, 2008 at 01:43:22PM -0400, Tom Lane wrote: > power to him. (Is the replica-hooks-discuss list still working?) But Yes. And silent as ever. :-) A -- Andrew Sullivan [EMAIL PROTECTED] +1 503 667 4564 x104 http://www.commandprompt.com/

Re: [HACKERS] Case-Insensitve Text Comparison

2008-06-02 Thread Andrew Sullivan
t we really need is something a little more like "in-database locale" or something. > I think if you want some special treatment of text for some users, it > should be explicit. Yes. Also, not just text. Think of currency, numeric separators, &c. A -- Andrew Sullivan [EMA

Re: [HACKERS] Table rewrites vs. pending AFTER triggers

2008-06-02 Thread Andrew Sullivan
sure that it will in fact work on every node. A -- Andrew Sullivan [EMAIL PROTECTED] +1 503 667 4564 x104 http://www.commandprompt.com/

Re: [HACKERS] Case-Insensitve Text Comparison

2008-06-02 Thread Andrew Sullivan
On Sun, Jun 01, 2008 at 10:13:07PM -0700, David E. Wheeler wrote: > What locale is right? If I have a Web app, there could be data in many > different languages in a single table/column. I think the above amounts to a need for per-session locale settings or something, no? A --

Re: [HACKERS] Core team statement on replication in PostgreSQL

2008-05-30 Thread Andrew Sullivan
e features like the one we're discussing to be developed responsibly without making everything else wait for it. A -- Andrew Sullivan [EMAIL PROTECTED] +1 503 667 4564 x104 http://www.commandprompt.com/

Re: [HACKERS] Core team statement on replication in PostgreSQL

2008-05-29 Thread Andrew Sullivan
gs. It's just some work to set up. Other systems hide that work. Given that (for instance) psql is really very easy to use once you know a few things, the ongoing pain of simple replication in Postgres is a big wart. A -- Andrew Sullivan [EMAIL PROTECTED] +1 503 667 4564 x104 http://www.comm

Re: [HACKERS] Core team statement on replication in PostgreSQL

2008-05-29 Thread Andrew Sullivan
mostly can't be used for other things. But those people already have alternatives (maybe even more, and simple ones, soon). The synchronous-needing crowd currently have nothing. The proposed feature would be a huge improvement. A -- Andrew Sullivan [EMAIL PROTECTED] +1 503 667 4564 x104 ht

Re: [HACKERS] replication hooks

2008-05-29 Thread Andrew Sullivan
have such a clear idea of what _they_ want from their replication that they come to believe "replication" means that. Another thing I like about the current proposal is that it is very clear about what it is (and isn't) aiming for. A -- Andrew Sullivan [EMAIL PROTECTED] +1 503 667 4564 x1

Re: [HACKERS] Core team statement on replication in PostgreSQL

2008-05-29 Thread Andrew Sullivan
're proposing would need that kind of proposal too. That isn't to say that I think an API is impossible or undesirable. It is to say that the last few times we tried, it went nowhere; and that I don't think the circumstances have changed. A -- Andrew Sullivan [EMAIL PROTECTED] +1 503 667

Re: [HACKERS] Core team statement on replication in PostgreSQL

2008-05-29 Thread Andrew Sullivan
re complicated to set up and maintain. (As I've told more than one person looking at it, there is a risk that you'll actually make your installation complicated enough that you'll make it _less_ reliable. I have some bitter personal experiences with this effect, and I know some others on thi

Re: [HACKERS] Core team statement on replication in PostgreSQL

2008-05-29 Thread Andrew Sullivan
On Thu, May 29, 2008 at 12:11:21PM -0400, Brian Hurt wrote: > > Being able to do read-only queries makes this feature more valuable in more > situations, but I disagree that it's a deal-breaker. Your managers are apparently more enlightened than some. ;-) A -- Andrew Sullivan [E

Re: [HACKERS] Setting a pre-existing index as a primary key

2008-05-10 Thread Andrew Sullivan
afterwards to make it look like other default primary keys," I have no objection. A -- Andrew Sullivan [EMAIL PROTECTED] +1 503 667 4564 x104 http://www.commandprompt.com/

Re: [HACKERS] [0/4] Proposal of SE-PostgreSQL patches

2008-05-07 Thread Andrew Sullivan
I'm just not sure that the current proof-of-concept work is what will be needed to address the design goals. I do think that somewhat clearer scope definitions would be a big help in deciding which modifications are really needed, and where. A -- Andrew Sullivan [EMAIL PROTECTED] +1

Re: [HACKERS] [0/4] Proposal of SE-PostgreSQL patches

2008-05-06 Thread Andrew Sullivan
ses in order to get a broadly useful functionality (so if you can't hide the existence of a table, but all efforts to learn its contents don't work, I might be willing to support that trade-off). A -- Andrew Sullivan [EMAIL PROTECTED] +1 503 667 4564 x104 http://www.commandprompt.com/

Re: [HACKERS] [0/4] Proposal of SE-PostgreSQL patches

2008-05-06 Thread Andrew Sullivan
ly incompatible with the design of Postgres (i.e. not an "enhancement" but a "reconception") or else as being implementable with another approach. A -- Andrew Sullivan [EMAIL PROTECTED] +1 503 667 4564 x104 http://www.commandprompt.com/

Re: [HACKERS] Protection from SQL injection

2008-05-02 Thread Andrew Sullivan
On Fri, May 02, 2008 at 03:58:01PM -0400, Chris Browne wrote: > Andrew Sullivan recently had some choice words about the merits of > ENUM; I think the same applies to drivers that do > PQexec("COMMIT;BEGIN")... Oh, heaven. I can at least think of ways to use ENUM such that

Re: [HACKERS] Odd timezone backend output

2008-05-02 Thread Andrew Sullivan
The time zone 7 hours west from UTC (equivalent to > PDT). Positive values are east from UTC. INTERVAL '-08:00' HOUR > TO MINUTE > The time zone 8 hours west from UTC (equivalent to PST). A -- Andrew Sullivan [EMAIL PROTECTED] +1 503 667 4564 x104 http://www.co

Re: [HACKERS] Odd timezone backend output

2008-05-02 Thread Andrew Sullivan
ions that don't switch, either. Arizona doesn't switch mostly, but they're in Mountain time), the same thing happens. A -- Andrew Sullivan [EMAIL PROTECTED] +1 503 667 4564 x104 http://www.commandprompt.com/

Re: [HACKERS] Protection from SQL injection

2008-05-01 Thread Andrew Sullivan
not an argument that the simple change that is effective for only one class of attacks is a bad idea. Making the battlefield smaller is one thing one can do to decrease one's exposure to attack. A -- Andrew Sullivan [EMAIL PROTECTED] +1 503 667 4564 x104 http://www.commandprompt.com/ --

Re: [HACKERS] Protection from SQL injection

2008-05-01 Thread Andrew Sullivan
thread...) That's a much more elegant way of putting what I thought. Thanks, Tom. A -- Andrew Sullivan [EMAIL PROTECTED] +1 503 667 4564 x104 http://www.commandprompt.com/

Re: [HACKERS] Odd timezone backend output

2008-05-01 Thread Andrew Sullivan
imestamptz; > timestamptz > > Wed Jan 29 15:31:42.92214 1997 EST January is in Standard time in Eastern zones. Note that you asked for 1997-01-29 12:31:42.92214 EDT, and got back what time that would be _for your actual timezone_. S

Re: [HACKERS] Protection from SQL injection

2008-05-01 Thread Andrew Sullivan
it's possible to turn it off (we'd probably need to make it require a server restart to make it really effective), I think it could be useful. A -- Andrew Sullivan [EMAIL PROTECTED] +1 503 667 4564 x104 http://www.commandprompt.com/

Re: [HACKERS] Protection from SQL injection

2008-04-30 Thread Andrew Sullivan
is rule. Maybe a way of insisting on PQExecParams() instead of anything else? A -- Andrew Sullivan [EMAIL PROTECTED] +1 503 667 4564 x104 http://www.commandprompt.com/

Re: [HACKERS] Protection from SQL injection

2008-04-29 Thread Andrew Sullivan
[I know, I know, bad form] On Tue, Apr 29, 2008 at 04:55:21PM -0400, Andrew Sullivan wrote: > thinking they have to worry about that area of security at all. I > think without a convincing argument that the proposal will even come > close to covering most SQL injection cases, it

Re: [HACKERS] Protection from SQL injection

2008-04-29 Thread Andrew Sullivan
ven come close to covering most SQL injection cases, it's a bad idea. A -- Andrew Sullivan [EMAIL PROTECTED] +1 503 667 4564 x104 http://www.commandprompt.com/

Re: [HACKERS] we don't have a bugzilla

2008-04-28 Thread Andrew Sullivan
t in 1998, and that virtually every list server software shipping since about 2000 has it built in and turned on by default, I fail completely to see how using something as free-form as a signature footer is supposed to be an improvement. A -- Andrew Sullivan [EMAIL PROTECTED] +1 503

Re: [HACKERS] we don't have a bugzilla

2008-04-26 Thread Andrew Sullivan
ere's an RFC that tells us how such headers are supposed to work? A -- Andrew Sullivan [EMAIL PROTECTED] +1 503 667 4564 x104 http://www.commandprompt.com/

Re: [HACKERS] Commit fest queue

2008-04-11 Thread Andrew Sullivan
On Fri, Apr 11, 2008 at 06:46:18PM +0100, Gregory Stark wrote: > As an aside, you've reminded me about another thing that bothers me about > Bugzilla and RT. In both cases they seem to put a lot of focus around the > idea of "searching" bugs. I don't really get why. To be fair to RT, it's really

Re: [HACKERS] [GENERAL] SHA1 on postgres 8.3

2008-04-02 Thread Andrew Sullivan
On Wed, Apr 02, 2008 at 05:09:14PM -0400, Andrew Dunstan wrote: > Standard Modules". Maybe we could rename the directory "modules". IIRC This seems like an easy and practical answer. A

Re: [HACKERS] [pgsql-www] New email list for emergency communications

2008-03-25 Thread Andrew Sullivan
On Mon, Mar 24, 2008 at 06:39:25PM -0400, Andrew Dunstan wrote: > perusing a mailbox again. We have unfortunately been badly underprepared > for this. Surely that there is an emerging consensus to that effect means that it's not as unfortunate as it might be? I seem to recall the original annou

Re: [HACKERS] UUID data format 4x-4x-4x-4x-4x-4x-4x-4x

2008-02-28 Thread Andrew Sullivan
On Thu, Feb 28, 2008 at 08:58:01AM -0800, Josh Berkus wrote: > Well, I guess the question is: if we don't offer some builtin way to render > non-standard formats built into company products, will those companies fix > their format or just not use PostgreSQL? Well, there is an advantage that Pos

Re: [HACKERS] Including PL/PgSQL by default

2008-02-21 Thread Andrew Sullivan
On Thu, Feb 21, 2008 at 10:43:27AM -0800, Joshua D. Drake wrote: > often. It is poor implementation and proof that the theoretical > security implications that are being brought up in this thread are far > from the practical reality. "We have this hole over here for historical reasons, so let's m

Re: [HACKERS] Including PL/PgSQL by default

2008-02-20 Thread Andrew Sullivan
On Tue, Feb 19, 2008 at 08:37:51PM -0500, Andrew Dunstan wrote: > > The way I intended to do it would indeed allow it to be undone simply by > executing 'drop language plpgsql' in template1. Why isn't it enough that administrators can do CREATE LANGUAGE plpgsql in template1? I think this is c

Re: [HACKERS] VACUUM FULL out of memory

2008-01-08 Thread Andrew Sullivan
On Tue, Jan 08, 2008 at 05:53:28PM +, Sam Mason wrote: > What about a stored procedure in a language that allows you to do > system(3) calls? PL/bash? (I think there is something like this). But surely the ulimit before start is much easier! A ---(end of broadcast)

Re: [HACKERS] VACUUM FULL out of memory

2008-01-08 Thread Andrew Sullivan
On Tue, Jan 08, 2008 at 05:27:16PM +0100, Michael Akinde wrote: > > > Those are the ulimits of the db_admin account (i.e., the user that set > up and runs the DB processes). Is Postgres limited by other settings? Are you sure? On one system I used many years ago, /bin/sh wasn't what I thought

Re: [HACKERS] Dynamic Partitioning using Segment Visibility Maps

2008-01-08 Thread Andrew Sullivan
On Tue, Jan 08, 2008 at 02:12:28AM +, Gregory Stark wrote: > > Yes: it doesn't solve the problem I have, which is that I don't want to > > have to manage a whole bunch of tables. I want one table, and I want to > > be able to say, "That section is closed". > > That's not your problem, that's

Re: [HACKERS] Dynamic Partitioning using Segment Visibility Maps

2008-01-08 Thread Andrew Sullivan
On Tue, Jan 08, 2008 at 01:08:52AM +0100, Markus Schiltknecht wrote: > > Uh, which key are you talking about? AFAIU Simon's proposal, he suggests > maintaining min/max values for all columns of the table. Right, but I think that's just because that approach is automatable. Only some use cases a

Re: [HACKERS] VACUUM FULL out of memory

2008-01-08 Thread Andrew Sullivan
(I learned this through painful experience, and confess it's one of the many reasons I think AIX should be pronounced as one word, rather than three letters.) > Andrew Sullivan wrote: > > Something is using up the memory on the machine, or (I'll bet this is > more > >

Re: [HACKERS] Dynamic Partitioning using Segment Visibility Maps

2008-01-07 Thread Andrew Sullivan
On Mon, Jan 07, 2008 at 07:16:35PM +0100, Markus Schiltknecht wrote: > > Does anything speak against letting the DBA handle partitions as relations? Yes: it doesn't solve the problem I have, which is that I don't want to have to manage a whole bunch of tables. I want one table, and I want to be

Re: [HACKERS] VACUUM FULL out of memory

2008-01-07 Thread Andrew Sullivan
On Mon, Jan 07, 2008 at 10:40:23AM +0100, Michael Akinde wrote: > As suggested, I tested a VACUUM FULL ANALYZE with 128MB shared_buffers > and 512 MB reserved for maintenance_work_mem (on a 32 bit machine with 4 > GB RAM). That ought to leave more than enough space for other processes > in the s

Re: [HACKERS] Dynamic Partitioning using Segment Visibility Maps

2008-01-07 Thread Andrew Sullivan
On Sat, Jan 05, 2008 at 08:02:41PM +0100, Markus Schiltknecht wrote: > Well, management of relations is easy enough, known to the DBA and most > importantly: it already exists. Having to set up something which is > *not* tied to a relation complicates things just because it's an > additional con

Re: [HACKERS] Dynamic Partitioning using Segment Visibility Maps

2008-01-04 Thread Andrew Sullivan
On Fri, Jan 04, 2008 at 10:26:54PM +0100, Markus Schiltknecht wrote: > > I'm still puzzled about how a DBA is expected to figure out which > segments to mark. I think that part might be hand-wavy still. But once this facility is there, what's to prevent the current active segment (and the rest

Re: [HACKERS] SSL over Unix-domain sockets

2008-01-04 Thread Andrew Sullivan
On Fri, Jan 04, 2008 at 02:37:03PM -0500, Bruce Momjian wrote: > The problem with adding SSL to local sockets is this slippery slope > where we only do part of the job, but it isn't clear where to draw the > line. I don't think "part of the job" for a patch is a slippery slope. It's what you do w

Re: [HACKERS] Index performance

2008-01-04 Thread Andrew Sullivan
On Thu, Jan 03, 2008 at 07:11:07AM +0200, Brian Modra wrote: > Thanks, I think you have me on the right track. I'm testing a vacuum > analyse now to see how long it takes, and then I'll set it up to > automatically run every night (so that it has a chance to complete > before about 6am.) Note that

Re: [HACKERS] Dynamic Partitioning using Segment Visibility Maps

2008-01-04 Thread Andrew Sullivan
On Fri, Jan 04, 2008 at 01:29:55PM +0100, Markus Schiltknecht wrote: > > Agreed. Just a minor note: I find "marked read-only" too strong, as it > implies an impossibility to write. I propose speaking about mostly-read > segments, or optimized for reading or similar. I do want some segments to b

Re: [HACKERS] Index performance

2008-01-02 Thread Andrew Sullivan
On Wed, Jan 02, 2008 at 05:53:35PM +0200, Brian Modra wrote: > This table is added to in real time, at least 10 rows per second. [. . .] > If I do a select which uses the pkey index, where equal to the ID > column, and greater than one of the values, which should return about > 1500 rows, it some

Re: [HACKERS] Slow count(*)

2008-01-02 Thread Andrew Sullivan
On Wed, Jan 02, 2008 at 09:29:24AM -0600, Abraham, Danny wrote: > We are looking for a patch that will help us count using the indexes. Is this for SELECT count(*) FROM table; or SELECT count(1) FROM table WHERE. . . The latter _will_ use an index, if the ind

Re: [HACKERS] Spoofing as the postmaster

2007-12-28 Thread Andrew Sullivan
On Fri, Dec 28, 2007 at 07:48:22AM -0800, Trevor Talbot wrote: > I don't follow. What are banks doing on the web now to force clients > to authenticate them, and how is it any different from the model of > training users to check the SSL certificate? Some banks (mostly Swiss and German, from what

Re: [HACKERS] Spoofing as the postmaster

2007-12-28 Thread Andrew Sullivan
On Sat, Dec 29, 2007 at 02:09:23AM +1100, Naz Gassiep wrote: > In the web world, it is the client's responsibility to ensure that they > check the SSL cert and don't do their banking at > www.bankofamerica.hax0r.ru and there is nothing that the real banking > site can do to stop them using their

Re: [HACKERS] Spoofing as the postmaster

2007-12-27 Thread Andrew Sullivan
On Sun, Dec 23, 2007 at 01:45:14AM -0500, Tom Lane wrote: > > The primary reason things work like that is that there are boatloads of > machines that are marginally misconfigured. For instance, userland > thinks there is IPv6 support when the kernel thinks not (or vice versa). Not only "marginal

Re: [HACKERS] Spoofing as the postmaster

2007-12-27 Thread Andrew Sullivan
On Mon, Dec 24, 2007 at 12:04:16AM +0100, Tomasz Ostrowski wrote: > > Not at all, as it won't run as root, it'll just start as root and > then give up all root privileges. The only thing it would have after > being root is just an open socket. If you think that is complete protection against priv

Re: [HACKERS] Spoofing as the postmaster

2007-12-27 Thread Andrew Sullivan
On Sun, Dec 23, 2007 at 09:52:14PM +0100, Magnus Hagander wrote: > My point is that all these other server products have the exact same > issue. And that they deal with it the exact same we do - pretty much > leave it up to the guy who configure the server to realize that's just > how things work.

Re: [HACKERS] function body actors (was: [PERFORM] viewing source code)

2007-12-21 Thread Andrew Sullivan
On Fri, Dec 21, 2007 at 04:19:51PM -0500, Tom Lane wrote: > > 2. Protect the content of a field from _some_ users on a given system, > > I would argue that (2) is reasonably well served today by setting up > separate databases for separate users. I thought actually this was one of the use-cases

Re: [HACKERS] function body actors (was: [PERFORM] viewing source code)

2007-12-21 Thread Andrew Sullivan
On Fri, Dec 21, 2007 at 01:57:44PM -0500, Tom Lane wrote: > "Merlin Moncure" <[EMAIL PROTECTED]> writes: > > ISTM the main issue is how exactly the authenticated user interacts > > with the actor to give it the information it needs to get the real > > key. This is significant because we don't want

Re: [HACKERS] function body actors (was: [PERFORM] viewing source code)

2007-12-21 Thread Andrew Sullivan
On Fri, Dec 21, 2007 at 12:40:05AM -0500, Tom Lane wrote: > whether there is a useful policy for it to implement. Andrew Sullivan > argued upthread that we cannot get anywhere with both keys and encrypted > function bodies stored in the same database (I hope that's an adequate >

Re: [HACKERS] function body actors (was: [PERFORM] viewing source code)

2007-12-21 Thread Andrew Sullivan
On Fri, Dec 21, 2007 at 12:09:28AM -0500, Merlin Moncure wrote: > Maybe a key management solution isn't required. If, instead of > strictly wrapping a language with an encryption layer, we provide > hooks (actors) that have the ability to operate on the function body > when it arrives and leaves p

Re: [HACKERS] Testing mail list

2007-12-19 Thread Andrew Sullivan
On Wed, Dec 19, 2007 at 11:15:37AM -0500, Tom Lane wrote: > hoping to draw responses from careless people? I've heard of web > comment-spammers who try to get other people to decode captchas > for them this way. Yes. This is the latest spammer trick. They get people all over the globe to decode

Re: [HACKERS] Negative LIMIT and OFFSET?

2007-12-17 Thread Andrew Sullivan
On Sun, Dec 16, 2007 at 12:31:11PM -0500, Tom Lane wrote: > > Well, I wouldn't advocate making it in a minor release, but it's not > clear how that translates into saying it can't go into 8.3. Just because we're well past feature freeze, in beta. I realise this seems like a corner case, but the
