Thanks JD. Let me confirm I got you right. So, by exception you mean the authentication/authorization/validation functions would return false in case of DB failure?
Thanks, Oleg On Tue, Jan 5, 2016 at 5:33 PM, Joshua D. Drake <j...@commandprompt.com> wrote: > On 01/05/2016 03:21 PM, oleg yusim wrote: > >> Thanks JD. >> >> From what I read about WAL (you have been referring to this: >> http://www.postgresql.org/docs/current/static/wal-internals.html >> pg_xlog, right?) it allows us to know what happened, but does it >> warranty known secure state? I mean, I do not think it would help with >> this: >> >> "In general, security mechanisms should be designed so that a failure >> will follow the same execution path as disallowing the operation. For >> example, application security methods, such as isAuthorized(), >> isAuthenticated(), and validate(), should all return false if there is >> an exception during processing. If security controls can throw >> exceptions, they must be very clear about exactly what that condition >> means. " >> > > You are correct, that isn't the pg_xlog but yes, PostgreSQL will throw an > exception in those types of cases. > > Sincerely, > > JD > > > -- > Command Prompt, Inc. - http://www.commandprompt.com/ 503-667-4564 > PostgreSQL Centered full stack support, consulting and development. > Announcing "I'm offended" is basically telling the world you can't > control your own emotions, so everyone else should do it for you. >
