3/30/2023 0 Comments Postgres uuid generatorHard to debug: Harder to remember, hard to debug, a small but important QoL issue.Size: The downside is that UUIDs are four times as big as a serial, and if you have size constraints, they can be a problem.This works very well for databases distributed over several nodes. Random distribution: The random distribution of the UUIDs can prevent disk hotspots, where a large number of objects are stored in a particular disk block, causing high usage on specific areas of the disk.A UUID on the other hand, can be generated directly by the client making inserts very simple, and solves the foreign key problem quite nicely too. This is even more of a problem when inserting multiple related objects with foreign keys, and creates inelegant multi step inserts. Independent Generation: The biggest problem with sequential ids is that the client doesn’t know the id of an object being inserted without talking to the database.UUIDs just provide more protection in this case. To be very clear though, UUIDs are not a security mechanism, the actual solution to this problem is to put up stronger access control. A UUID is universally random, and is practically impossible for external parties to predict. A malicious user or a bot could easily scrape identities of all your users, or spam your API with organised actions on all your users. Enumeration of entries: Another problem is that it’s very easy to enumerate all the entries of your table with a primary key.This leaks information about the size of your userbase. If the primary key is easily visible to the user, this means that anyone can find out your number of users by just looking at the primary key on a freshly created user.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |