[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Security fix that started all this
- Subject: Re: Security fix that started all this
- From: Gavin Carr <..hidden..>
- Date: Sun, 10 Sep 2006 09:35:38 +1000
On Fri, Sep 08, 2006 at 04:35:04PM -0400, Christopher Murtagh wrote:
> On 9/8/06, Jason Rodrigues <..hidden..> wrote:
> > On Friday 08 September 2006 16:07, Tony Fraser wrote:
> > > On Fri, 2006-09-08 at 15:43 -0400, Christopher Murtagh wrote:
> > > > The plan is to move all the files in users/ into a central database,
> > > > and the same for user modified templates and css. The advantages this
> > > > has are:
> >
> > Templates in the db are tricky, because now we have to provide a way to load
> > the templates into the DB. The time to test/edit/debug a template also
> > increases, because of that extra step.
>
> Think if the db as a different file system, except this one is
> standard across all platforms. fopen for reading becomes a select,
> fopen for writing becomes an update. It's a bit more overhead, but
> it's minor and even on the most modest of hardware it's not a huge
> amount.
Yes, but it's a highly impoverished filesystem that none of my standard
tools work with. I can't use vi, find, grep, perl, or any of my standard
file toolkit on this filesystem. I can't use any kind of version control
to manage the changes I make to these files. I can't centrally manage a
bunch of shared templates and push them out to 20 different client
instances. I could come up with lots more examples too, I'm sure.
Of course, they're not strict counter-examples, because I could probably
do all of them via some kind of export/import mechanism that dumps copies
of the things to disk. But it's all much harder and fiddlier, for what is
IMHO a pretty small benefit.
Databases are good for structured data where you want to slice and dice
based on individual data components. The argument for putting blobs in
the database comes down to the convenience of having all your data in one
place with a uniform interface; I personally think that in the case of
user data files like these - where you typically do want to be able to
manipulate them using external tools - that the costs seriously outweigh
the benefits.
My 2c for the pot. :-)
Cheers,
Gavin