Re: RFC: seccomp-bpf support

From: Andres Freund <andres(at)anarazel(dot)de>
To: Joshua Brindle <joshua(dot)brindle(at)crunchydata(dot)com>
Cc: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Joe Conway <mail(at)joeconway(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: RFC: seccomp-bpf support
Date: 2019-08-28 19:49:05
Message-ID: 20190828194905.sjy2jsqiw3wsact4@alap3.anarazel.de
Lists: pgsql-hackers

Hi,

On 2019-08-28 15:38:11 -0400, Joshua Brindle wrote:
> It seems like complete system compromises should be prioritized over
> slowdowns, and it seems very unlikely to cause a noticeable slowdown
> anyway.

The point isn't really this specific issue, but that the argument that
you'll not cause problems by disabling certain syscalls, or that it's
easy to find which ones are used, just plainly isn't true.

> Are there PG users that backed out all of the Linux KPTI patches due
> to the slowdown?

Well, not backed out on a code level, but straight out disabled at boot
time (i.e. pti=off)? Yea, I know of several.

> I think we need to rein in the thread somewhat. The feature allows
> end users to define some sandboxing within PG. Nothing is being forced
> on anyone

Well, we'll have to deal with the fallout of this to some degree. When
postgres breaks people will complain, when it's slow, people will
complain, ...

Greetings,

Andres Freund
