contrib: auth_delay module

From: KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp>
To: PostgreSQL-Hackers <pgsql-hackers(at)postgresql(dot)org>
Cc: KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>
Subject: contrib: auth_delay module
Date: 2010-11-04 12:49:07
Views: Raw Message | Whole Thread | Download mbox | Resend email
Lists: pgsql-hackers

The attached patch is a contrib module to inject a few seconds
delay on authentication failed. It is also a proof of the concept
using the new ClientAuthentication_hook.

This module provides a similar feature to pam_faildelay on
operating systems. Injection of a few seconds delay on
authentication fails prevents (or makes hard at least) brute-force
attacks, because it limits number of candidates that attacker can
verify within a unit of time.

KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp>

Attachment Content-Type Size
pgsql-v9.1-auth-delay.1.patch application/octect-stream 4.5 KB


Browse pgsql-hackers by date

  From Date Subject
Next Message Itagaki Takahiro 2010-11-04 13:05:01 Re: contrib: auth_delay module
Previous Message Kenneth Marshall 2010-11-04 12:35:39 Re: Hash support for arrays