On 3/27/07, Aidan Van Dyk <aidan@xxxxxxxxxxx> wrote:
Kev wrote: > Hi everyone, > > I'm still in the design phase of a project. I was just wondering if > anyone has any thoughts or experience on the idea of cutting the P out > of the LAMP (or in my case, WAMP for now) stack. What I mean is > having > everything encapsulated into sql (or plpgsql or plperl where needed) > functions stored in the pgsql server, and have Apache communicate with > pgsql via a tiny C program that pretty much just checks whether the > incoming function is on the allowed list and has the proper data > types, > then passes it straight in. Any errors are logged as potential > security > breaches. Sounds something like mod_libpq: http://asmith.id.au/mod_libpq.html
brilliant. highest possible marks! i mean, wow! :-) merlin
