I am sorry if this is off topic / off interest to the rest of the group but I do think this is an important Issue with google apps.
>> From my understanding, they will both run in the same time since the sharding on data is based on >>.he indexes and not on the "databases"/"tables". In this case the index is the same for NY so it >> should run in the same time. I don't see how this is possible, even if you have indexed objects the "CPU" will still need to go over all Records to compare their index and see if it is equal to the index your looking for. So this should be READING 10,000,000 records vs READING 400,000,000 records, how can it be the same time ? Even if you fetch only 10,000,000 of them , you still need to go over all of them...( the 400,000,000) Is there an index property inside the record that the Google DB knows to make it as an index ? or the index is just another field in your data object ? > 2. The other reason to split the DB is security, should a "bug" or a google > app exploit will be available you dont want > your customer "A" records be viewed by customer "B". the application > runs in somekind of sandbox but if the DB is one > any small error in program can expose everything to everyone. >>I don't have any real comments about this, but it feels to me like you're seeing this as a typical >>DB server isolated in one part, with all the data in the same place. One of the advantages provided >>by the Datastore is that that idea is no longer true. I have to tell you, you are wrong here and with current google app configuration there is a potential security risk. Your application might be separated from other application in a "virtual" separate environment. But within your Application the DB is ONE and only ONE , and there is no separation between the "clients" that use your DB to store and retrieve objects , so it is not up to google to secure your application but it is up to you. Cause within your application , between your different customers , your application is still one and have access to all records on the DB. On a standard web development you can simply split the data to separate DB's (even phisicaly). on google app the problem is that a single ERROR inside "YOUR" application will lead to everyone watching everything including NOT THEIR OWN data , cause all the data is stored in same DB within your application. so google may provide a secure virtual sendbox but this has nothing to do with the internal issue. Do you see my point ? -- Federico Builes --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to google-appengine@googlegroups.com To unsubscribe from this group, send email to google-appengine+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en -~----------~----~----~----~------~----~------~--~---
