just
saw it in passing and remember some of the annoyances that happened in
the past.
Also, if you want me to see what you have to say, send your mail
directly to me or cc: me. I can't really keep up with the volume on
this list, and I'm likely to miss it if it's only here.
B
s quick to
cope with changes. (The IETF is not a speedy way to get anything
done.) I think that's the biggest reservation I've heard expressed.
Anyway, as long as nobody's worried, I can stand mute :)
Thanks for the reply.
A
--
Andrew Sullivan
a...@crankycanuck.ca
--
Sent vi
n
happens is interesting, but I don't think it's democratic.
A
--
Andrew Sullivan | [EMAIL PROTECTED]
Information security isn't a technological problem. It's an economics
problem.
--Bruce Schneier
---(end of broadcast)--
he Linux
model is the one to ape. PostgreSQL has a history with remarkably
few of those blunders, and I'd hate to give that up.
A
--
Andrew Sullivan | [EMAIL PROTECTED]
If they don't do anything, we don't need their acronym.
--Josh Hamilton, on the US FEM
This would also
have the happy paedogogical effect that those newer reviewers would
learn more of the code in each cycle. I think this is similar to a
previous suggestion someone made about "mentored review", but it
doesn't require formal mentoring for it to get started.
A
--
A
weaking the OS
> settings.
Do you mean "change the OS settings" or something else? (I'm not
sure it's true in any case, because shared memory kernel settings
have to be fiddled with in many instances, but I thought I'd ask for
clarification.)
A
--
Andrew Sullivan | [EMAIL
relevant, but maybe
others have thought about some of these things. I haven't read the
draft, note.)
http://tools.ietf.org/html/draft-ietf-syslog-protocol-20
There's also the discussion of reliability in RFC 3195:
ftp://ftp.rfc-editor.org/in-notes/rfc3195.txt
A
--
Andrew Sullivan
on what kind of hosting environment
you're in (if I'm paying for dedicated hosting, you better believe
I'm going to insist they tune the kernel the way I want), but you're
right that in shared hosting for $25/mo, it's not going to happen.
A
--
Andrew Sullivan | [EMAIL PROTECTED]
ampaigns to
legal departments in companies that insist on such disclaimers,
pointing out the folly of their ways and asking that the policy be
changed to distinguish between list-posting and non-list-posting
accounts.
A
--
Andrew Sullivan | [EMAIL PROTECTED]
The plural
e commercial support companies). I'm uncomfortable with
such a policy, but it'd be better than "ignore these nasty corporate
victims", which is what the proposal so far sounds like to me.
A
--
Andrew Sullivan | [EMAIL PROTECTED]
I remember when computers were
agree that some commitment is needed, though.
A
--
Andrew Sullivan | [EMAIL PROTECTED]
The whole tendency of modern prose is away from concreteness.
--George Orwell
---(end of broadcast)---
TIP 9: In versions below 8.0, the planner will ign
't gotten that far yet.)
Nevertheless, I think that Tom's original suggestion was at least a
HINT, which seems perfectly reasonable to me.
A
--
Andrew Sullivan | [EMAIL PROTECTED]
This work was visionary and imaginative, and goes to show that visionary
and imaginative work need no
On Thu, Jun 21, 2007 at 11:55:56AM -0400, Tom Lane wrote:
> where the HINT gets appended if there's something after the integer but
> it doesn't look like any of the allowed units. Objections?
Sounds like a good idea to me.
A
--
Andrew Sullivan | [EMAIL PROTECTED]
The ve
ripts would only
have to be altered to include --default-authentication="trust" or
something like that. Using this approach, packagers can also
continue to do what they want.
A
--
Andrew Sullivan | [EMAIL PROTECTED]
However important originality may be in some fields, restraint and
adher
some people think it's a bad thing that you
run superuser-type commands without reading the manual, and then get
a badly-secured system. (The idea here, incidentally, is not to
replace the initdb-time option, but to set the default of the initdb
command.)
A
--
Andrew Sullivan | [EMAIL PR
clamouring for this and I see at least one person
strongly opposed. I think it should be regarded as Dead, Jim.
A
--
Andrew Sullivan | [EMAIL PROTECTED]
I remember when computers were frustrating because they *did* exactly what
you told them to. That actually seems sort of quaint now.
On Wed, Jul 11, 2007 at 10:43:23AM -0400, Chris Browne wrote:
> The right resolution to this is not, a priori, evident yet.
_A posteriori_, though, it seems to me the right resolution is "don't
do that" ;-)
A
--
Andrew Sullivan | [EMAIL PROTECTED]
Users never remark, "Wo
e the
files, but on a production system, you'd violate the semantics of 2PC
by doing this?
A
--
Andrew Sullivan | [EMAIL PROTECTED]
Users never remark, "Wow, this software may be buggy and hard
to use, but at least there is a lot of code underneath."
e already been
> committed.
But how do you know which file to delete? Is it keyed to the
transaction identifier or something?
A
--
Andrew Sullivan | [EMAIL PROTECTED]
However important originality may be in some fields, restraint and
adherence to procedure emerge as the more significant virtues
those
files, because the commitment you made before crash when you accepted
a PREPARE TRANSACTION is going to be gone, which violates the 2PC
rules.
A
--
Andrew Sullivan | [EMAIL PROTECTED]
When my information changes, I alter my conclusions. What do you do sir?
--a
s one thing to say, "If you are
completely hosed, you will lose some data." But 2PC is making some
pretty strong promises, and I sort of hate it that it's not real hard
to break things in such a way that those promises have to be broken.
A
--
Andrew Sullivan | [EMAIL PROTECTED]
W
reby losing only that prepared
transaction instead of all of them? (I'm not suggesting that no data
must ever be lost in this case; just that we should lose the minimum
necessary to make the system work.)
A
--
Andrew Sullivan | [EMAIL PROTECTED]
A certain description of men are for getting out
shipped, and adding incremental changes
near the end of the cycle strikes me as a possible source of
significant additional surprises (and therefore delays). I am no
code expert, though; I just wanted to be sure there's consensus on
the simplicity of the changes.
A
--
Andrew Sullivan | [EM
t up a project on pgfoundry.
A
--
Andrew Sullivan | [EMAIL PROTECTED]
The very definition of "news" is "something that hardly ever happens."
--Bruce Schneier
---(end of broadcast)---
TIP 5: don't forget to increase your free space map settings
run
such object code without inspecting its safety is an excercise in
speculation I don't care to pursue.
A
--
Andrew Sullivan | [EMAIL PROTECTED]
The plural of anecdote is not data.
--Roger Brinner
---(end of broadcast)---
TIP 5: don't forget to increase your free space map settings
evealed as encumbered with needless weight that may foil casual
users, but that are trivially broken by anyone actually interested in
doing the breaking.
A
--
Andrew Sullivan | [EMAIL PROTECTED]
In the future this spectacle of the middle classes shocking the avant-
garde will probably become
d.
>
> The proposed change doesn't fail either of these.
>From what I can see upthread, it fails 1 and possibly 2. Given that
we don't seem to know _why_ it is forbidden, there could well be a
case under 2 is a problem, and we haven't thought of it.
A
--
Andrew Sullivan
obody has committed to
doing it.
A
--
Andrew Sullivan | [EMAIL PROTECTED]
In the future this spectacle of the middle classes shocking the avant-
garde will probably become the textbook definition of Postmodernism.
--Brad Holland
---(end of
If someone can originate spoofed TCP packets from 127.0.0.1,
you gots bigger problems than them being able to lie about the
identity of a user.
A
--
Andrew Sullivan | [EMAIL PROTECTED]
However important originality may be in some fields, restraint and
adherence to procedure emerge as the more signi
in
very bad shape. (That isn't to say I think it's a good idea; but
rather, that I hope the network is well enough run that, even if you
did run it, it would not represent a real risk.)
--
Andrew Sullivan | [EMAIL PROTECTED]
This work was visionary and imaginative, and goes to show that
I personally prefer cryptographic authentication for this
reason (but it's not perfect either -- if someone has root, they have
root. You're hosed). None of my employers ever seem willing to pay
the additional overhead, however.
A
--
Andrew Sullivan | [EMAIL PROTECTED]
The p
x27;re running vmware or something like it
> and you're bridging it on to your network. Will your ip filters
> will still kick in for bridged packets? Are you 100.0% sure?
I dunno, but I do know that I'd test it before I started doing it :)
A
--
Andrew Sullivan | [EMAIL PROTECTED]
les on the Backup FTP-Server.
It seems that what you want is near-real-time online backups with _no
cost_, which is not a feature that I think anyone will ever work on.
A
--
Andrew Sullivan | [EMAIL PROTECTED]
Users never remark, "Wow, this software may be buggy and hard
to use, bu
do that, no?
A
--
Andrew Sullivan | [EMAIL PROTECTED]
---(end of broadcast)---
TIP 3: Have you checked our extensive FAQ?
http://www.postgresql.org/docs/faq
int that this is a bug fix,
IMO.
A
--
Andrew Sullivan | [EMAIL PROTECTED]
The plural of anecdote is not data.
--Roger Brinner
---(end of broadcast)---
TIP 6: explain analyze is your friend
d include a
standard set of such sugar if they wanted.
A
--
Andrew Sullivan
Old sigs will return after re-constitution of blue smoke
---(end of broadcast)---
TIP 4: Have you searched our list archives?
http://archives.postgresql.org
memory and cache management.
A
--
Andrew Sullivan
Old sigs will return after re-constitution of blue smoke
---(end of broadcast)---
TIP 1: if posting/reading through Usenet, please send an appropriate
subscribe-nomail command to [EMAIL PROTEC
agree with what Tom says, however, about people thinking they're
smarter than the system. Much of the time, this sort of thumb on the scale
optimisation just moves the cost to some other place, and the admin's
analysis isn't comprehensive enough to turn that up until it's all turned
week yet gone
by where someone doesn't post to -performance with that problem?). So I'm
divided on whether actually providing the facility is a good idea, even
though I can think of a handful of cases where I doubt even the smartest
planner will get it right. (By analogy, pinning in memory
s" to a feature that can be implemented.
Perhaps now is the time to list some specific performance areas you want to
fix up?
A
--
Andrew Sullivan
Old sigs will return after re-constitution of blue smoke
---(end of broadcast)---
TIP 3: Have you che
On Tue, Dec 11, 2007 at 11:12:46AM +, Simon Riggs wrote:
>
> Read-Only Tables
>
In the past when this topic came up, there was some discussion of doing this
at a level somewhere below the table horizon. There are a number of nasty
limitations for partitions currently (not th
On Wed, Dec 12, 2007 at 12:14:43PM +0100, Zeugswetter Andreas ADI SD wrote:
> Uniqueness is currently perfectly practical, when the unique index
> contains
> the column[s] that is/are used in a non overlapping partitioning scheme.
Well, yes, assuming you have no bugs. Part of the reason I want th
On Wed, Dec 12, 2007 at 12:58:11PM +0100, Zeugswetter Andreas ADI SD wrote:
> Wouldn't one very substantial requirement of such storage be to
> have it independent of db version, or even db product? Keeping
> old hardware and software around can be quite expensive.
This was one of the explicit req
On Wed, Dec 12, 2007 at 07:07:57PM +, Simon Riggs wrote:
>
> Enforcing uniqueness with a global index has a number of disadvantages.
This is why I was trying to talk about "constraints" rather than global
indexes. Just because we happen to implement them that way today does not
mean that suc
On Fri, Dec 14, 2007 at 01:47:23AM +, Gregory Stark wrote:
> Huh, I was all set to post an example of a useful application of it but then
> apparently I'm wrong and it doesn't work:
I dimly remember some discussion of this issue once before, maybe a year
ago. My memory isn't what it was, and
On Thu, Dec 13, 2007 at 10:06:35PM -0500, Tom Lane wrote:
> of a negative limit, it's meeting its spec. If you want to throw an
> error for negative limit, shouldn't you logically also throw an error
Should it be a WARNING?
A
---(end of broadcast)---
On Thu, Dec 13, 2007 at 10:01:43PM -0500, Jonah H. Harris wrote:
> Man, maybe my mad Google skillz are not as mad as I thought :(
Hey, I worked in a library some years ago, when Google was just a googlet,
and I couldn't find it either. It's a dim memory, note. Which could mean
"artifact". I'm o
On Fri, Dec 14, 2007 at 09:02:04AM +, Gregory Stark wrote:
>
> Oh, and incidentally the problem with WARNING is that this is DML which could
> potentially be executing hundreds or thousands of times per minute. A WARNING
> is effectively an ERROR.
Good point. Also, the sort of case where you
On Thu, Dec 13, 2007 at 11:31:17PM -0500, Merlin Moncure wrote:
>
> for historical record, this comment (subject not directly related to
> the OP) was probably this:
> http://www.mail-archive.com/pgsql-hackers@postgresql.org/msg62562.html
Bingo. Thanks!
A
---(end of br
On Fri, Dec 14, 2007 at 06:42:24PM -0500, Tom Lane wrote:
>
> How do people feel about applying this to 8.3, rather than holding it?
To me, this is a feature change, and therefore should be held.
A
---(end of broadcast)---
TIP 5: don't forget to
On Sun, Dec 16, 2007 at 12:31:11PM -0500, Tom Lane wrote:
>
> Well, I wouldn't advocate making it in a minor release, but it's not
> clear how that translates into saying it can't go into 8.3.
Just because we're well past feature freeze, in beta. I realise this seems
like a corner case, but the
On Wed, Dec 19, 2007 at 11:15:37AM -0500, Tom Lane wrote:
> hoping to draw responses from careless people? I've heard of web
> comment-spammers who try to get other people to decode captchas
> for them this way.
Yes. This is the latest spammer trick. They get people all over the globe
to decode
On Fri, Dec 21, 2007 at 12:09:28AM -0500, Merlin Moncure wrote:
> Maybe a key management solution isn't required. If, instead of
> strictly wrapping a language with an encryption layer, we provide
> hooks (actors) that have the ability to operate on the function body
> when it arrives and leaves p
On Fri, Dec 21, 2007 at 12:40:05AM -0500, Tom Lane wrote:
> whether there is a useful policy for it to implement. Andrew Sullivan
> argued upthread that we cannot get anywhere with both keys and encrypted
> function bodies stored in the same database (I hope that's an adequate
&g
On Fri, Dec 21, 2007 at 01:57:44PM -0500, Tom Lane wrote:
> "Merlin Moncure" <[EMAIL PROTECTED]> writes:
> > ISTM the main issue is how exactly the authenticated user interacts
> > with the actor to give it the information it needs to get the real
> > key. This is significant because we don't want
On Fri, Dec 21, 2007 at 04:19:51PM -0500, Tom Lane wrote:
> > 2. Protect the content of a field from _some_ users on a given system,
>
> I would argue that (2) is reasonably well served today by setting up
> separate databases for separate users.
I thought actually this was one of the use-cases
On Mon, Dec 24, 2007 at 12:04:16AM +0100, Tomasz Ostrowski wrote:
>
> Not at all, as it won't run as root, it'll just start as root and
> then give up all root privileges. The only thing it would have after
> being root is just an open socket.
If you think that is complete protection against priv
On Sun, Dec 23, 2007 at 09:52:14PM +0100, Magnus Hagander wrote:
> My point is that all these other server products have the exact same
> issue. And that they deal with it the exact same we do - pretty much
> leave it up to the guy who configure the server to realize that's just
> how things work.
On Sun, Dec 23, 2007 at 01:45:14AM -0500, Tom Lane wrote:
>
> The primary reason things work like that is that there are boatloads of
> machines that are marginally misconfigured. For instance, userland
> thinks there is IPv6 support when the kernel thinks not (or vice versa).
Not only "marginal
On Sat, Dec 29, 2007 at 02:09:23AM +1100, Naz Gassiep wrote:
> In the web world, it is the client's responsibility to ensure that they
> check the SSL cert and don't do their banking at
> www.bankofamerica.hax0r.ru and there is nothing that the real banking
> site can do to stop them using their
On Fri, Dec 28, 2007 at 07:48:22AM -0800, Trevor Talbot wrote:
> I don't follow. What are banks doing on the web now to force clients
> to authenticate them, and how is it any different from the model of
> training users to check the SSL certificate?
Some banks (mostly Swiss and German, from what
On Wed, Jan 02, 2008 at 09:29:24AM -0600, Abraham, Danny wrote:
> We are looking for a patch that will help us count using the indexes.
Is this for
SELECT count(*) FROM table;
or
SELECT count(1) FROM table WHERE. . .
The latter _will_ use an index, if the ind
On Wed, Jan 02, 2008 at 05:53:35PM +0200, Brian Modra wrote:
> This table is added to in real time, at least 10 rows per second.
[. . .]
> If I do a select which uses the pkey index, where equal to the ID
> column, and greater than one of the values, which should return about
> 1500 rows, it some
On Fri, Jan 04, 2008 at 01:29:55PM +0100, Markus Schiltknecht wrote:
>
> Agreed. Just a minor note: I find "marked read-only" too strong, as it
> implies an impossibility to write. I propose speaking about mostly-read
> segments, or optimized for reading or similar.
I do want some segments to b
On Thu, Jan 03, 2008 at 07:11:07AM +0200, Brian Modra wrote:
> Thanks, I think you have me on the right track. I'm testing a vacuum
> analyse now to see how long it takes, and then I'll set it up to
> automatically run every night (so that it has a chance to complete
> before about 6am.)
Note that
On Fri, Jan 04, 2008 at 02:37:03PM -0500, Bruce Momjian wrote:
> The problem with adding SSL to local sockets is this slippery slope
> where we only do part of the job, but it isn't clear where to draw the
> line.
I don't think "part of the job" for a patch is a slippery slope. It's what
you do w
On Fri, Jan 04, 2008 at 10:26:54PM +0100, Markus Schiltknecht wrote:
>
> I'm still puzzled about how a DBA is expected to figure out which
> segments to mark.
I think that part might be hand-wavy still. But once this facility is
there, what's to prevent the current active segment (and the rest
On Sat, Jan 05, 2008 at 08:02:41PM +0100, Markus Schiltknecht wrote:
> Well, management of relations is easy enough, known to the DBA and most
> importantly: it already exists. Having to set up something which is
> *not* tied to a relation complicates things just because it's an
> additional con
On Mon, Jan 07, 2008 at 10:40:23AM +0100, Michael Akinde wrote:
> As suggested, I tested a VACUUM FULL ANALYZE with 128MB shared_buffers
> and 512 MB reserved for maintenance_work_mem (on a 32 bit machine with 4
> GB RAM). That ought to leave more than enough space for other processes
> in the s
On Mon, Jan 07, 2008 at 07:16:35PM +0100, Markus Schiltknecht wrote:
>
> Does anything speak against letting the DBA handle partitions as relations?
Yes: it doesn't solve the problem I have, which is that I don't want to have
to manage a whole bunch of tables. I want one table, and I want to be
(I learned this through
painful experience, and confess it's one of the many reasons I think AIX
should be prounounced as one word, rather than three letters.)
> Andrew Sullivan wrote:
> > Something is using up the memory on the machine, or (I'll bet this is
> more
> >
On Tue, Jan 08, 2008 at 05:27:16PM +0100, Michael Akinde wrote:
> >
> Those are the ulimits of the db_admin account (i.e., the user that set
> up and runs the DB processes). Is Postgres limited by other settings?
Are you sure?
On one system I used many years ago, /bin/sh wasn't what I thought
On Tue, Jan 08, 2008 at 01:08:52AM +0100, Markus Schiltknecht wrote:
>
> Uh, which key are you talking about? AFAIU Simon's proposal, he suggests
> maintaining min/max values for all columns of the table.
Right, but I think that's just because that approach is automatable. Only
some use cases a
On Tue, Jan 08, 2008 at 02:12:28AM +, Gregory Stark wrote:
> > Yes: it doesn't solve the problem I have, which is that I don't want to
> > have to manage a whole bunch of tables. I want one table, and I want to
> > be able to say, "That section is closed".
>
> That's not your problem, that's
On Tue, Jan 08, 2008 at 05:53:28PM +, Sam Mason wrote:
> What about a stored procedure in a language that allows you to do
> system(3) calls?
PL/bash? (I think there is something like this). But surely the ulimit
before start is much easier!
A
---(end of broadcast)
oblems. This will for sure cause spikes.
You need to tell us more about what you're doing. And I bet some of
it belongs on the slony lists.
A
--
Andrew Sullivan
[EMAIL PROTECTED]
+1 503 667 4564 x104
http://www.commandprompt.com/
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgre
the Slony manual.
Slony, frankly, sucks for this use case. The manual says as much,
although in more orotund phrases than that.
A
--
Andrew Sullivan
[EMAIL PROTECTED]
+1 503 667 4564 x104
http://www.commandprompt.com/
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make c
ms. Slony
takes some heavy-duty locks when it does its setup work. It's
designed that you should have an application outage for this sort of
work. Please see previous discussion on the Slony mailing list.
A
--
Andrew Sullivan
[EMAIL PROTECTED]
+1 503 667 4564 x104
http://www.commandprompt.com
the answer to
that is not an infinitely large source tarball?
A
--
Andrew Sullivan
[EMAIL PROTECTED]
+1 503 667 4564 x104
http://www.commandprompt.com/
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
no cost. You still have to talk to all those
connections when doing schema changes.
A
--
Andrew Sullivan
[EMAIL PROTECTED]
+1 503 667 4564 x104
http://www.commandprompt.com/
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http:
pparatus
> that isn't "secure by default". This definitely isn't, and from
> a PR point of view (if nothing else) that doesn't seem a good idea.
I'm less worried about the PR, and more worried about the truck-sized
hole this opens in any authentication cont
On Wed, Jul 30, 2008 at 06:07:53PM -0400, Alvaro Herrera wrote:
> I do agree that creating base types should require a superuser though.
> It too seems dangerous just on principle, even if today there's no
> actual hole (that we already know of).
I agree.
--
Andrew Sullivan
[E
t means "we have already decided to back-patch".
A
--
Andrew Sullivan
[EMAIL PROTECTED]
+1 503 667 4564 x104
http://www.commandprompt.com/
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
at we have lived with in older
releases because fixing them was too risky or because the bug was so
tiny or unusual as to make the risk greater than the reward.
A formal policy that's any more detailed than what's in the FAQ today
is a solution in search of a problem.
A
--
Andrew Sul
the advantage offered by having the
source. But the idea that the new functionality should be patched
back by the project because one is impatient is not on.
A
--
Andrew Sullivan
[EMAIL PROTECTED]
+1 503 667 4564 x104
http://www.commandprompt.com/
--
Sent via pgsql-hackers mailing list (
On Wed, Aug 20, 2008 at 05:03:19PM +0300, Asko Oja wrote:
>
> Lets get on with 8.4
Oh, I shoulda mentioned that, too -- I completely support doing this
work for 8.4. (I can think of more than one case where this feature
alone would be worth the upgrade.)
A
--
Andrew Sullivan
[EMAIL PRO
his sort is a serious one,
given the orders of magnitude difference.
A
--
Andrew Sullivan
[EMAIL PROTECTED]
+1 503 667 4564 x104
http://www.commandprompt.com/
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
to me.
A
--
Andrew Sullivan
[EMAIL PROTECTED]
+1 503 667 4564 x104
http://www.commandprompt.com/
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
at
harried administrators have to spell these options correctly. Why
can't we parse all the file, separating each label by "_". Then if
any arrangements of those labels matches a "real" configuration
parameter, select that one as the thing to match and
to be that
different people's common sense leads them to different conclusions.
(We had a devastating government in Ontario some years ago that claimed
to be doing things that were just common sense; the Province is still
cleaning up the mess.)
A
--
Andrew Sullivan
[EMAIL PROTECTED]
+1 503
On Thu, Sep 18, 2008 at 03:25:10PM -, Greg Sabino Mullane wrote:
> Frankly, the whole pg_dump mess is what keeps many people on older versions,
> somtimes including 7.4.
This isn't my experience. The reasons people stay on older releases
are manifold.
A
--
Andrew Sullivan
[EMAI
;possible disclosure of existence of datum". I think
this will be a lot of work, and I'm not volunteering to do it. I
nevertheless think that without it, the SE-PostgreSQL features will
continue to be a very awkward fit.
A
--
Andrew Sullivan
[EMAIL PROTECTED]
+1 503 667 4564 x104
http
ve they published it where we can find it?
I have a couple contacts in the security world who might be able to
help with references. I'm asking them now.
A
--
Andrew Sullivan
[EMAIL PROTECTED]
+1 503 667 4564 x104
http://www.commandprompt.com/
--
Sent via pgsql-hackers maili
this is helpful,
A
--
Andrew Sullivan
[EMAIL PROTECTED]
+1 503 667 4564 x104
http://www.commandprompt.com/
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
he proposed use cases.
A
--
Andrew Sullivan
[EMAIL PROTECTED]
+1 503 667 4564 x104
http://www.commandprompt.com/
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
uggesting that some additional
work clarifying the specific goals of the work is all that's really
needed.
A
--
Andrew Sullivan
[EMAIL PROTECTED]
+1 503 667 4564 x104
http://www.commandprompt.com/
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
ble
for anyone to review the implementation of such a big feature and say
whether it does what it intends to do.
A
--
Andrew Sullivan
[EMAIL PROTECTED]
+1 503 667 4564 x104
http://www.commandprompt.com/
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
ing to point out that what are the obvious areas of access control
from one point of view are not even interesting from another. This is
why I think a fairly complete analysis is needed (and why I think it
hasn't been done yet).
A
--
Andrew Sullivan
[EMAIL PROTECTED]
+1 503 667 4564 x104
http:
On Fri, Oct 10, 2008 at 01:44:49PM +0900, KaiGai Kohei wrote:
> Andrew Sullivan wrote:
>> I want to focus on this description, because you appear to be limiting
>> the problem scope tremendously here. We've moved from "general
>> security policy for database
might be better to call the
authentication method TLS, so as not to conflate it with the
Netscape-defined SSL. But this is maybe straying into a different
topic.]
--
Andrew Sullivan
[EMAIL PROTECTED]
+1 503 667 4564 x104
http://www.commandprompt.com/
--
Sent via pgsql-hackers mailin
1 - 100 of 394 matches
Mail list logo
