Home » Archives for Bear Giles

Author Archives: Bear Giles

Storing X.509 Digital Certificates (And Other Messy Things)

We often need to store structured binary data in our database – images, pdf documents, etc., but also have a need to search by, or index on, attributes of that data. E.g., we might store the height and width of an image, or the OCR text from a PDF document (for full text searches). The normal solution is to store ...

Read More »

Database Threat Models

I finally have a breather and can start working through my backlog of ideas. I start with some background that will make the motivation for subsequent posts clearer. What are the threat models for the persistence layer of an application, specificially the threats against the database itself? Remember that a ‘threat’ is an adverse act, whether intentional (by an attacker) ...

Read More »

Creating User-Defined C Functions in PostgreSQL

Many experienced database developers are familiar with user-defined functions implemented in SQL or a procedural language. PostgreSQL itself supports PL/pgSQL, PL/Tcl, PL/Perl, PL/Python, and has third-party support for PL/sh, PL/Java, PL/Ruby, PL/PHP and even PL/R. Recent versions of PostgreSQL also support SQL/MED (foreign data) with foreign data wrappers (FDW). This allows the database user to access foreign data sources – ...

Read More »

Using rlimit (And Why You Should)

I’ve been going through some old notes and came across a reminder of setrlimit(2). This is a C system call that allows an application to specify resource limitations on a number of important parameters: RLIMIT_AS – The maximum size of the process’s virtual memory (address space) in bytes. RLIMIT_CORE – Maximum size of core file. RLIMIT_CPU – CPU time limit ...

Read More »