| From: | Marko Tiikkaja <marko(at)joh(dot)to> |
|---|---|
| To: | Jeremy Schneider <schnjere(at)amazon(dot)com> |
| Cc: | PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>, "Albin, Lloyd P" <lalbin(at)scharp(dot)org> |
| Subject: | Re: BUG #15182: Canceling authentication due to timeout aka Denial of Service Attack |
| Date: | 2018-07-20 21:56:13 |
| Message-ID: | CAL9smLDgjXceft0KDdthy8FK2LJ5VPG3E_bvWK3Ow-w7ePGwqg@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs pgsql-hackers |
On Fri, Jul 20, 2018 at 2:17 AM, Jeremy Schneider <schnjere(at)amazon(dot)com>
wrote:
> I'd like to bump this old bug that Lloyd filed for more discussion. It
> seems serious enough to me that we should at least talk about it.
>
> Anyone with simply the login privilege and the ability to run SQL can
> instantly block all new incoming connections to a DB including new
> superuser connections.
>
So.. don't VACUUM FULL pg_authid without lock_timeout?
I can come up with dozens of ways to achieve the same effect, all of them
silly.
.m
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Thomas Munro | 2018-07-21 01:39:12 | Re: BUG #15285: Query used index over field with ICU collation in some cases wrongly return 0 rows |
| Previous Message | Dmitry Dolgov | 2018-07-20 21:28:06 | LLVM jit and window functions on a temporary table |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jerry Jelinek | 2018-07-20 22:04:55 | Re: patch to allow disable of WAL recycling |
| Previous Message | Jerry Jelinek | 2018-07-20 21:50:37 | Re: patch to allow disable of WAL recycling |