From: | "Jim C(dot) Nasby" <jim(at)nasby(dot)net> |
---|---|
To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Cc: | pgsql-hackers(at)postgreSQL(dot)org |
Subject: | Re: advisory locks and permissions |
Date: | 2006-09-21 00:22:23 |
Message-ID: | 20060921002223.GI28987@nasby.net |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On Wed, Sep 20, 2006 at 07:52:33PM -0400, Tom Lane wrote:
> face up to the possibility of malicious use. For instance, it's not
> very hard to create a DoS situation by running the system out of shared
> lock table space:
Didn't you just say we don't try and protect against DoS? ;P
> The brute force answer is to make those functions superuser-only, but I
> wonder if there is a better way. Perhaps we could just deny public
> execute access on them by default, and let admins grant the privilege to
> whom they trust.
>
> Or we could try to do something about limiting the number of such locks
> that can be granted, but that seems nontrivial to tackle at such a late
> stage of the devel cycle.
ISTM that just restricting default access still leaves a pretty big
foot-gun laying around... perhaps the best compromise would be to do
that for this release and add some kind of a limit in the next release.
--
Jim Nasby jim(at)nasby(dot)net
EnterpriseDB http://enterprisedb.com 512.569.9461 (cell)
From | Date | Subject | |
---|---|---|---|
Next Message | Merlin Moncure | 2006-09-21 01:17:40 | Re: advisory locks and permissions |
Previous Message | Tom Lane | 2006-09-21 00:13:16 | Re: WIP: Hierarchical Queries - stage 1 |