Re: BUG #16522: No anti-violent cracking mechanism

From: Magnus Hagander <magnus(at)hagander(dot)net>
To: abcxiaod(at)126(dot)com, PostgreSQL mailing lists <pgsql-bugs(at)lists(dot)postgresql(dot)org>
Subject: Re: BUG #16522: No anti-violent cracking mechanism
Date: 2020-07-01 10:54:49
Message-ID: CABUevEzYSK-f=53rH91ZyGuduvLnfLzOXdWM2sj3A8tTCLLzeQ@mail.gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-bugs

On Wed, Jul 1, 2020 at 12:07 PM PG Bug reporting form <
noreply(at)postgresql(dot)org> wrote:

> The following bug has been logged on the website:
>
> Bug reference: 16522
> Logged by: yi Ding
> Email address: abcxiaod(at)126(dot)com
> PostgreSQL version: 10.13
> Operating system: linux
> Description:
>
> Pg database is not locked after password verification fails several times.
>
>
Correct, there is no such feature built-in, so there is no bug in something
that does not work.

If you want this feature you can integrate PostgreSQL with numerous
external authentication methods such as gssapi, ldap, radius or pam, all of
which can provide such functionality if set up right. You can also use
fail2ban or some simple log-tailing script that implements it.

--
Magnus Hagander
Me: https://www.hagander.net/ <http://www.hagander.net/>
Work: https://www.redpill-linpro.com/ <http://www.redpill-linpro.com/>

In response to

Browse pgsql-bugs by date

  From Date Subject
Next Message Dmitry Dolgov 2020-07-01 12:55:54 Re: BUG #16500: SQL Abend. select multi_key_columns_range_partition_table
Previous Message PG Bug reporting form 2020-07-01 10:01:14 BUG #16522: No anti-violent cracking mechanism