On 11/8/2010 4:47 PM, Alvaro Herrera wrote:
Excerpts from Charles Pritchard's message of lun nov 08 20:25:21 -0300 2010:
On 11/8/2010 3:03 PM, Alvaro Herrera wrote:
Excerpts from Kevin Grittner's message of lun nov 08 19:30:54 -0300 2010:
David Fetter<da...@fetter.org> wrote:
That's not proof against a DoS
What client API is?
This spec gives free rein into every web user's system to webmasters.
If this isn't terminally dangerous, I don't know what is.
DoS is more-or-less the responsibility of the host to send up alerts like:
"This page is hanging, do you want to continue..." or otherwise
automatically close hanging queries.
I classify that kind of approach to security as "terminally dangerous", yes.
I don't believe the webmaster is granted free rein:
Disk quotas are enforced, data is separated per origin,
hanging processes are up to the implementer, and postgres has plenty of
settings for that.
The day a privilege escalation is found and some webserver runs
"pg_read_file()" on your browser, will be a sad one indeed.
The default disk quota per origin is generally 5megs; beyond that,
additional user interaction is requested.
So 5 megs to a.example.com, 5 megs to b.example.com, and so on? Sounds,
eh, great.
I don't think it's fair to assume a privilege escalation will be found:
using that argument, no software should ever run on a client/server.
That said, NaCl and PNaCl are under active development and I've no doubt
that Postgres could be compiled by the tool set in the future.
http://code.google.com/p/nativeclient/
Still, that's a diversion from the topic: Postgres can run on workstations,
with an audience of browser-oriented implementations.
Postgres is more stable than Sqlite for "enterprise-level" activity,
hardened/enterprise
browser distributions would choose Postgres over Sqlite for Web SQL
implementations.
I don't think it's fair to assume a privilege escalation will be found:
using that argument, no software should ever run on a client/server.
That said, NaCl and PNaCl are under active development and I've no doubt
that Postgres could be compiled by the tool set in the future.
http://code.google.com/p/nativeclient/
Still, that's a diversion from the topic: Postgres can run on workstations,
with an audience of browser-oriented implementations.
Postgres is more stable than Sqlite for "enterprise-level" activity,
hardened/enterprise
browser distributions would choose Postgres over Sqlite for Web SQL
implementations.
And as for the quota issues: that's really up to the browser vendor.
It's completely out of spec here.
And it's how the web currently works for hundreds of millions of users:
it's not introducing a security issue,
as it reflects the current state of security.
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
