| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Bruce Momjian <bruce(at)momjian(dot)us> |
| Cc: | Josh Berkus <josh(at)agliodbs(dot)com>, pgsql-hackers(at)postgresql(dot)org, Merlin Moncure <mmoncure(at)gmail(dot)com>, "Jim C(dot) Nasby" <jnasby(at)pervasive(dot)com> |
| Subject: | Re: advisory locks and permissions |
| Date: | 2006-09-21 14:22:56 |
| Message-ID: | 29724.1158848576@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Bruce Momjian <bruce(at)momjian(dot)us> writes:
> Doesn't creating many temp tables in a transaction do the same thing?
True, but it's a tad harder/less likely that you'd accidentally cause
a problem that way.
I'm not sure if I'm crying wolf or whether there's a serious issue.
Certainly, if you have SQL-command access there are plenty of ways
to cause DoS situations of varying levels of severity.
An admin who is concerned about this can revoke public access on the
functions for himself ... but should that be the default out-of-the-box
configuration? I feel more comfortable with saying "you have to turn
on this potentially-dangerous feature" than with saying you have to turn
it off.
Another reason for restricting access to the advisory-lock functions
is that an uninformed application might take the wrong locks, and
bollix up your intended usage accidentally.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andrew Dunstan | 2006-09-21 14:35:45 | Re: 'configure --disable-shared' and 'make check' |
| Previous Message | Dave Cramer | 2006-09-21 14:04:06 | Index bloat problem in 7.4 |