Re: Sequence vs UUID
| От | Benedict Holland |
|---|---|
| Тема | Re: Sequence vs UUID |
| Дата | |
| Msg-id | CAD+mzoy0tPKf5+z8KsiFcXsPLE021fTbS7m-POFX8qv-N+M2_Q@mail.gmail.com обсуждение исходный текст |
| Ответ на | Sequence vs UUID (veem v <veema0000@gmail.com>) |
| Ответы |
Re: Sequence vs UUID
|
| Список | pgsql-general |
Why is it a terrible idea? I have been using them for years without a single problem. I don't rely on them for create order. Terrible seem a bit extreme.
Thanks,
Ben
On Sat, Jan 28, 2023, 3:39 PM Erik Wienhold <ewie@ewie.name> wrote:
> On 27/01/2023 01:48 CET Ron <ronljohnsonjr@gmail.com> wrote:
>
> On 1/26/23 15:55, Erik Wienhold wrote:
> >
> > There are arguments against sequential PK, e.g. they give away too much info and
> > allow attacks such as forced browsing[2]. The first I can understand: you may
> > not want to reveal the number of users or customers. But access control should
> > prevent forced browsing.
>
> Shouldn't your application layer isolate the users from the database? UUIDs
> are all over the DBs I manage, but the PKs are all sequences.
Yes, I meant the application layer, not Postgres' access control.
--
Erik
В списке pgsql-general по дате отправления: