On Fri, Feb 10, 2006 at 12:16:04PM -0500, Mark Woodward wrote:
And even when PostgreSQL has the server all to itself, having a hashagg
spill to disk is *way* better than pushing the machine into a swap
storm. At least if you spill the hashagg you only have one backend
running at a snail's
* Tom Lane:
Actually, it's because it's certain to be there and be accessible to
unprivileged users.
Isn't this a bit problematic because any local user can impersonate a
PostgreSQL backend which has been shut down?
---(end of broadcast)---
TIP
On Sat, Feb 11, 2006 at 03:04:00PM +0100, Florian Weimer wrote:
* Tom Lane:
Actually, it's because it's certain to be there and be accessible to
unprivileged users.
Isn't this a bit problematic because any local user can impersonate a
PostgreSQL backend which has been shut down?
Well,
Stephen Frost [EMAIL PROTECTED] writes:
* Tom Lane ([EMAIL PROTECTED]) wrote:
Enable pg_ctl to give up admin privileges when starting the server under
Windows (if newer than NT4, else works same as before).
I don't suppose we could consider doing this for Unix-based systems too?
I think it'd
Mark Kirkwood [EMAIL PROTECTED] writes:
I was doing exactly this about a year ago and used Mingw. The only
annoyance was that I could compile everything on Linux in about 3
minutes (P4 2.8Ghz), but had to wait about 60-90 minutes for the same
thing on Windows 2003 Server! (also a P4
Tom Lane wrote:
Stephen Frost [EMAIL PROTECTED] writes:
* Tom Lane ([EMAIL PROTECTED]) wrote:
Enable pg_ctl to give up admin privileges when starting the server under
Windows (if newer than NT4, else works same as before).
I don't suppose we could consider doing this for Unix-based
Mark Kirkwood [EMAIL PROTECTED] writes:
I was doing exactly this about a year ago and used Mingw. The only
annoyance was that I could compile everything on Linux in about 3
minutes (P4 2.8Ghz), but had to wait about 60-90 minutes
for the same
thing on Windows 2003 Server! (also a P4
Martijn van Oosterhout kleptog@svana.org writes:
These no real way around this. The only real option would be moving to
a home directory but that would require knowing the username the server
is running under...
And the problem would still exist, with even less chance of solution,
for TCP
I'm not sure whether our current SSL support does a good job of this
--- I think it only tries to check whether the server
presents a valid certificate, not which cert it is. Possibly
Kerberos does more, but I dunno a thing about that...
If you stick a root certificate (root.crt in
Magnus Hagander [EMAIL PROTECTED] writes:
If you stick a root certificate (root.crt in ~/.postgresql) for it to
validate against, it will be validated against that root. I'm not sure
if it validates the common name of the cert though - that would be an
issue if you're using a global CA. If
Tom Lane [EMAIL PROTECTED] writes:
Greg Stark [EMAIL PROTECTED] writes:
That's why merely allocating tons of swap doesn't necessarily protect you.
It's still possible for a process (or several processes if you allocate more
swap than you have address space) to mmap gigabytes of memory
* Martijn van Oosterhout:
Well, I guess it's an issue. At least it's not suceptable to the
standard symlink attacks. There is in general no way of knowing if the
server you are connecting to is what you think it is (except via SSL
maybe?).
For local (i.e. UNIX domain socket) connections,
If you stick a root certificate (root.crt in ~/.postgresql)
for it to
validate against, it will be validated against that root.
I'm not sure
if it validates the common name of the cert though - that
would be an
issue if you're using a global CA. If you're using a local
Greg Stark wrote:
Tom Lane [EMAIL PROTECTED] writes:
Greg Stark [EMAIL PROTECTED] writes:
That's why merely allocating tons of swap doesn't necessarily protect you.
It's still possible for a process (or several processes if you allocate
more
swap than you have address space) to
Greg Stark [EMAIL PROTECTED] writes:
I was just trying to clarify the situation since someone made some comment
about it having to do with memory being swapped out and then finding nowhere
to swap in when needed. That's not exactly what's happening.
No. I believe the case that is actually
On Fri, Feb 10, 2006 at 07:16:41PM +, Simon Riggs wrote:
On Fri, 2006-02-10 at 19:14 +0100, Martijn van Oosterhout wrote:
On Fri, Feb 10, 2006 at 04:48:42PM +, Simon Riggs wrote:
If a cursor is defined NO SCROLL, which is the SQL Standard implicit
default, then we are safe to
On Sat, Feb 11, 2006 at 11:32:02AM -0600, Jim C. Nasby wrote:
I think the point that Martijn was trying to make was that per our docs
it would be perfectly acceptable for us to make any cursor NO SCROLL
implicitly if it means less work for the optimizer.
Ok, I take that back. The actual
Jim C. Nasby wrote:
On Sat, Feb 11, 2006 at 11:32:02AM -0600, Jim C. Nasby wrote:
I think the point that Martijn was trying to make was that per our docs
it would be perfectly acceptable for us to make any cursor NO SCROLL
implicitly if it means less work for the optimizer.
Ok, I take
* Magnus Hagander:
But no, it wouldn't be bad if there was a way to specify exactly which
cert is used. Or at least validate the common name of it agains the
hostname of the server.
SSH-like leap of faith authentication would be even better. Store
the certificate on the first connection
I was think about how forgetting to run analyze while developing a table
loader program caused PostgreSQL to run away and use up all the memory.
Is there some way that postges or psql can know that it substantially
altered the database and run analyze?
I know this is a kind of stupid question,
Mark Woodward wrote:
I know this is a kind of stupid question, but postgresql does not
behave well when the system changes in a major way without at least
an analyze. There must be something that can be done to protect the
casual user (or busy sometimes absent minded developer) from these
I don't know if this the correct list to ask about implementation
details. If not, let me know.
Anyway, are there functions that return which processes or transactions
are holding locks in relations, tuples, etc ?
Best regards,
Alfranio
---(end of
Are there some sort of functions that I could use to know which process
has an exclusive lock on relations, pages, tuples, transactions,
etc... ?
Best regards,
Alfranio Junior
---(end of broadcast)---
TIP 3: Have you checked our extensive FAQ?
On Sat, 11 Feb 2006, Alfranio Correia Junior wrote:
Are there some sort of functions that I could use to know which process
has an exclusive lock on relations, pages, tuples, transactions,
etc... ?
SELECT * FROM pg_locks;
- Heikki
---(end of
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
This was raised before, but I can't find the exact thread. I'd
like to re-open the idea of boosting the minimum Perl version
for PL/Perl to 5.6. My primary motivation is to provide use
of our for the %TD hash, as mentioned before (cannot find the
Bruce Momjian wrote:
Tom Lane wrote:
Stephen Frost [EMAIL PROTECTED] writes:
* Tom Lane ([EMAIL PROTECTED]) wrote:
Enable pg_ctl to give up admin privileges when starting the server under
Windows (if newer than NT4, else works same as before).
I don't suppose we
Greg Sabino Mullane wrote:
This was raised before, but I can't find the exact thread. I'd
like to re-open the idea of boosting the minimum Perl version
for PL/Perl to 5.6.
I don't think this is unreasonable.
--
Peter Eisentraut
http://developer.postgresql.org/~petere/
On Sat, 2006-02-11 at 11:44 -0600, Jim C. Nasby wrote:
On Sat, Feb 11, 2006 at 11:32:02AM -0600, Jim C. Nasby wrote:
I think the point that Martijn was trying to make was that per our docs
it would be perfectly acceptable for us to make any cursor NO SCROLL
implicitly if it means less work
I mean, any C function.
---(end of broadcast)---
TIP 9: In versions below 8.0, the planner will ignore your desire to
choose an index scan if your joining column's datatypes do not
match
On Sat, Feb 11, 2006 at 07:47:32PM +, Simon Riggs wrote:
On Sat, 2006-02-11 at 11:44 -0600, Jim C. Nasby wrote:
On Sat, Feb 11, 2006 at 11:32:02AM -0600, Jim C. Nasby wrote:
I think the point that Martijn was trying to make was that per our docs
it would be perfectly acceptable for us
Has anyone here seen this one before? Do the values
appear realistic?
http://www.sqlite.org/cvstrac/wiki?p=SpeedComparison
---(end of broadcast)---
TIP 5: don't forget to increase your free space map settings
* Tom Lane ([EMAIL PROTECTED]) wrote:
Martijn van Oosterhout kleptog@svana.org writes:
These no real way around this. The only real option would be moving to
a home directory but that would require knowing the username the server
is running under...
And the problem would still exist,
* Magnus Hagander ([EMAIL PROTECTED]) wrote:
The way our Kerberos implementation is done, it does *not* validate the
server, just the client. If you want server verification, you must use a
combination of both Kerberos and SSL.
Eh? We use mutual authentication in Kerberos...
Stephen
See here:
http://archives.postgresql.org/pgsql-hackers/2005-10/msg00438.php
I don't mind requiring 5.6, but I do want to think carefully about the
implications of changing the declaration of $_TD from my to our,
especially if multiple triggers fire. Is there a danger we might clobber
one?
On 2/11/06, Andrej Ricnik-Bay wrote:
Has anyone here seen this one before? Do the values
appear realistic?
http://www.sqlite.org/cvstrac/wiki?p=SpeedComparison
The values appear to originate from an intrsinsically flawed test setup.
Just take the first test. The database has to do 1000
The way our Kerberos implementation is done, it does *not* validate
the server, just the client. If you want server
verification, you must
use a combination of both Kerberos and SSL.
Eh? We use mutual authentication in Kerberos...
We do? That's good then :-) I was told by someone
Andrej Ricnik-Bay wrote:
Has anyone here seen this one before? Do the values
appear realistic?
http://www.sqlite.org/cvstrac/wiki?p=SpeedComparison
Some of the particularly bad test results for PostgreSQL may be related
to using the default memory configuration and never having run ANALYZE.
* Magnus Hagander ([EMAIL PROTECTED]) wrote:
The way our Kerberos implementation is done, it does *not* validate
the server, just the client. If you want server
verification, you must
use a combination of both Kerberos and SSL.
Eh? We use mutual authentication in Kerberos...
Jeremy Drake wrote:
It looks like pg_column_size gives you the actual size on disk, ie after
compression.
What looks interesting for you would be byteaoctetlen or the function it
wraps, toast_raw_datum_size. See src/backend/access/heap/tuptoaster.c.
pg_column_size calls toast_datum_size, while
On Sat, 2006-02-11 at 11:44 -0600, Jim C. Nasby wrote:
But speaking of documentation, it doesn't actually say what the default
is. Care update that, or should I formally submit a patch?
[1] http://www.postgresql.org/docs/8.1/interactive/sql-declare.html
Actually, if you submit a patch that
Jochem van Dieten [EMAIL PROTECTED] writes:
On 2/11/06, Andrej Ricnik-Bay wrote:
http://www.sqlite.org/cvstrac/wiki?p=SpeedComparison
The values appear to originate from an intrsinsically flawed test setup.
Just take the first test. The database has to do 1000 commits. That
means 1000 I/O
Tom Lane wrote:
Mark Kirkwood [EMAIL PROTECTED] writes:
I was doing exactly this about a year ago and used Mingw. The only
annoyance was that I could compile everything on Linux in about 3
minutes (P4 2.8Ghz), but had to wait about 60-90 minutes for the same
thing on Windows 2003 Server!
Patch applied. Thanks.
---
Euler Taveira de Oliveira wrote:
--- Euler Taveira de Oliveira [EMAIL PROTECTED] escreveu:
I have a patch like this. But this was for 7.4.x. I have to take a
look
at it.
The patch is
On Sat, Feb 11, 2006 at 07:50:22PM -0500, Tom Lane wrote:
On Sat, 2006-02-11 at 11:44 -0600, Jim C. Nasby wrote:
But speaking of documentation, it doesn't actually say what the default
is. Care update that, or should I formally submit a patch?
[1]
On Sat, Feb 11, 2006 at 08:06:56PM -0500, Tom Lane wrote:
Jochem van Dieten [EMAIL PROTECTED] writes:
On 2/11/06, Andrej Ricnik-Bay wrote:
http://www.sqlite.org/cvstrac/wiki?p=SpeedComparison
The values appear to originate from an intrsinsically flawed test setup.
Just take the first
How do people feel about having tabs displayed as 0x09? Should they be
a literal tab?
---
Teodor Sigaev wrote:
***
*** 2463,2469
a href=http://www.google.com/foo.bar.html; target=_blankYES nbsp;/a
Bruce Momjian pgman@candle.pha.pa.us writes:
How do people feel about having tabs displayed as 0x09? Should they be
a literal tab?
If they're a literal tab they'll mess up the formatting that we just so
painstakingly put in. I'd personally vote for \t rather than \x09, but
other than that I
47 matches
Mail list logo
