Re: W3C Specs: Web SQL

Excerpts from Charles Pritchard's message of lun nov 08 20:25:21 -0300 2010:
> On 11/8/2010 3:03 PM, Alvaro Herrera wrote:
> > Excerpts from Kevin Grittner's message of lun nov 08 19:30:54 -0300 2010:
> >> David Fetter<david@fetter.org>  wrote:
> >>
> >>> That's not proof against a DoS
> >>
> >> What client API is?
> > This spec gives free rein into every web user's system to webmasters.
> > If this isn't terminally dangerous, I don't know what is.
> 
> DoS is more-or-less the responsibility of the host to send up alerts like:
> "This page is hanging, do you want to continue..." or otherwise 
> automatically close hanging queries.

I classify that kind of approach to security as "terminally dangerous", yes.

> I don't believe the webmaster is granted free rein:
> Disk quotas are enforced, data is separated per origin,
> hanging processes are up to the implementer, and postgres has plenty of 
> settings for that.

The day a privilege escalation is found and some webserver runs
"pg_read_file()" on your browser, will be a sad one indeed.

> The default disk quota per origin is generally 5megs; beyond that, 
> additional user interaction is requested.

So 5 megs to a.example.com, 5 megs to b.example.com, and so on?  Sounds,
eh, great.

-- 
Álvaro Herrera <alvherre@commandprompt.com>
The PostgreSQL Company - Command Prompt, Inc.
PostgreSQL Replication, Consulting, Custom Development, 24x7 support