Re: [HACKERS] What about CREATE OR REPLACE FUNCTION?
| От | Mike Mascari |
|---|---|
| Тема | Re: [HACKERS] What about CREATE OR REPLACE FUNCTION? |
| Дата | |
| Msg-id | 3BC3E7AB.7901A3F8@mascari.com обсуждение исходный текст |
| Ответ на | Re: [HACKERS] What about CREATE OR REPLACE FUNCTION? ("Christopher Kings-Lynne" <chriskl@familyhealth.com.au>) |
| Список | pgadmin-hackers |
Christopher Kings-Lynne wrote: > > I seem to recall that Oracle has all sorts of fancy resource limits that can > be applied to users. If such resource limits were implemented, then maybe > the DBA could have the power to limit someone to a maximum of 20% cpu and a > few transactions per second or something. > > Chris I was hoping that after completing the current project I'm working on I might be able to contribute this feature. Oracle calls them PROFILEs which are a set of resource limits associated with a user. They can limit: No. of simultaneous connections No. of blocks read per query No. of blocks read per connection CPU time per query CPU time per connection Idle time as well as a few more esoteric others. I haven't looked at the new system resource reporting system that Jan wrote, but I suspect some of the statistics he gathers might already be available. Limiting simultaneous connections by a user might take a little effort. Limiting idle time might as well. Both have been a requested feature in the past, but have pitfalls associated with them. But right now denial of service for a user with database access is easy: soak up all available connections. Like Jan's resource statistics collector, Oracle's profiles must be enabled in the initSID.ora configuration file since it takes a few cycles to actually account for user activity. Mike Mascari mascarm@mascari.com > > Tom Lane writes: > > > > > I believe the primary reason why PL languages aren't installed by > > > default is security considerations > > > > Well, that argumentation seems to be analogous to giving someone login > > access on a multiuser computer system but not letting him execute, say, > > perl because he might write recursive functions with it. Such setups > > exist (perhaps with something else instead of perl and recursive > > functions) but they are not the norm and usually fine-tuned by the > > administrator. ... > > > > Peter Eisentraut peter_e@gmx.net http://funkturm.homeip.net/~peter
В списке pgadmin-hackers по дате отправления: