| From: | Bruce Momjian <bruce(at)momjian(dot)us> |
|---|---|
| To: | Michael Paquier <michael(at)paquier(dot)xyz> |
| Cc: | Ian Barwick <ian(dot)barwick(at)2ndquadrant(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: PG 12 draft release notes |
| Date: | 2019-06-13 13:12:58 |
| Message-ID: | 20190613131258.pbitxsdwa7xgs4co@momjian.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Thu, Jun 13, 2019 at 09:11:08AM -0400, Bruce Momjian wrote:
> On Thu, Jun 13, 2019 at 03:33:48PM +0900, Michael Paquier wrote:
> > On Wed, Jun 12, 2019 at 05:25:37PM -0400, Bruce Momjian wrote:
> > > Since we did not backpatch this fix, I am hesitant to spell out exactly
> > > how to exploit this DOS attack. Yes, people can read it in the email
> > > archives, and commit messages, but I don't see the value in spelling it
> > > out the release notes too.
> >
> > We could go for a more general version of that, for the reason that it
> > involves all relations, like:
> > "A caller of TRUNCATE or VACUUM could previously queue for an access
> > exclusive lock on a relation it may not have permission to truncate or
> > vacuum, leading to relations to be blocked from being accessed."
>
> Uh, that still seems to suggest an attack and I am not sure that
> information is very useful to users.
I went with this wording:
This prevents unauthorized locking, which could interfere with
user queries.
--
Bruce Momjian <bruce(at)momjian(dot)us> http://momjian.us
EnterpriseDB http://enterprisedb.com
+ As you are, so once was I. As I am, so you will be. +
+ Ancient Roman grave inscription +
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Rafia Sabih | 2019-06-13 13:17:07 | Re: Adaptive query optimization |
| Previous Message | Bruce Momjian | 2019-06-13 13:11:08 | Re: PG 12 draft release notes |