I don't like this patch.  Nothing wrong with the code, but with what is 
being done.  I wouldn't expect the setCatalog method to end my current 
transaction and quietly reconect me to another database.  In this new 
connection my auto comit status will be reset and there could be other 
side effects I haven't yet thought of.  What happens if the current user 
doesn't have permission to connect to the new database?

Also are there any security issues with having a client being able to 
discover all databases and then going and listing all tables/objects in 

If we can't come up with a secure way of querying this information 
without reconnecting the connection, then I think we should not 
implement setCatalog.

BTW Does anyone know what the Oracle driver does with catalogs, since 
they also don't have such a concept natively.  I am especially 
interested in if they support Connection.setCatalog().


> Date: Thu, 19 Jul 2001 14:48:45 -0500
> To: Tom Lane <[EMAIL PROTECTED]>, Peter Eisentraut <[EMAIL PROTECTED]>
> Subject: Re: Connection.setCatalog()
> [[[ Original Message from Tom Lane <[EMAIL PROTECTED]> ]]]
>> Peter Eisentraut <[EMAIL PROTECTED]> writes:
>> > Tom Lane writes:
>> >> Peter E. has previously commented that Postgres databases correspond
>> >> most closely to the SQL concept of "catalog cluster", not "catalog".
>> > I most certainly did not.  According to my interpretation:
>> I sit corrected.  If you want to define catalog == database, okay with
>> me.
>>                      regards, tom lane
> Great, here is a context diff of CVS for implementing the 
> get/setCatalog methods in Connection - note: I've updated 
> setCatalog(String catalog) from my previous diff so it checks whether 
> it is already connected to the specified catalog.
> Thanks,
> Jason Davies
> [Connection.diff]
> [attachment omitted]
> ---------------------------(end of broadcast)---------------------------
> TIP 5: Have you checked our extensive FAQ?
> http://www.postgresql.org/users-lounge/docs/faq.html

---------------------------(end of broadcast)---------------------------
TIP 1: subscribe and unsubscribe commands go to [EMAIL PROTECTED]

Reply via email to