[Pulp-dev] Integer IDs in Pulp 3

Sean Myers sean.myers at redhat.com
Thu May 24 15:45:31 UTC 2018

On 05/24/2018 11:22 AM, Austin Macdonald wrote:
> I have a few concerns, but they all may be addressable.
> 1. URLs and security. If this integer is in the url, it is easy to guess
> other urls. Hopefully, our security model won't depend on obscurity, so
> maybe this isn't much of a concern.

This might actually be a "pro", since I don't really see a downside to having
guessable PKs. As an admin just spelunking the API, something you can make some
good guesses to get where you're trying to go, and this is impossible with UUID
PKs. As a nefarious user trying to guess at PKs, I (perhaps optimistically)
assume that if I was able to view the contents of a resource by guessing at its
PK, I'd also be able to see that same content in the list view for that resource
and just go get its PK. And the reverse should be true, which is that if I'm not
able to see a given resource in a list view, I should also not be able to view
that individual resource even if I guess the PK correctly.

> 2. bulk_create. Apparently, bulk_creates would work, but only with
> postgreSQL. If we accept this change, any bulk_create would make lock us in
> with postgres. [0]

Regarding bulk_create, I'm operating under the assumption that the main thing
Pulp would want to bulk_create is content. This little bullet from that page
means that Pulp probably shouldn't do that regardless of the DB it's using,
unless it's willing to accept the consequences:

"It does not work with child models in a multi-table inheritance scenario."

Since multi-table inheritance is at the core of Pulp's content typing and
newfound relational abilities, this warning shouldn't be taken lightly.

I did want to clarify what I think you're saying here, though. bulk_create works
with any backend (sans multi-table shenanigans), you have to include the PK
value for every object being bulk_created. This is trivial for UUID PKs, less so
for serial int PKs (unless Pulp wants to be bound to postgres)

> 3. Max size = 2,147,483,647? Is it conceivable that a Pulp would have more
> than 2 billion of anything?

In my opinion, no. That is a ridiculously large number. It took us literally
decades of giving out IP addresses to everything we could think of* before we
exhausted the pool.

*: This isn't a great analogy, but I think it's probably "good
   enough". I'm sorry. :(

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 866 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/pulp-dev/attachments/20180524/5d48ee02/attachment.sig>

More information about the Pulp-dev mailing list