* Pavel Stehule ([email protected]) wrote: > 2009/10/19 Heikki Linnakangas <[email protected]>: > > Or are you saying that it should not be possible for the client to > > change the value after connecting? That limits the usefulness with > > connection pools. > > What I know, connections from connection pool without reset are shared > by one application. But I am not against some possibility to change > this value from application. I am against to possibility an change by > normal user. When we allow it, then this value has not any wight, > because any broken appliaction (via SQL injection) can change it.
Broken applications have much bigger problems than this. Predicating
what we would/should do on the assumption of an application that's
broken just doesn't make sense to me.
Stephen
signature.asc
Description: Digital signature
