| From: | Laurenz Albe <laurenz(dot)albe(at)cybertec(dot)at> |
|---|---|
| To: | Sebastian Cabot <scabot(at)gmail(dot)com>, pgsql-hackers(at)lists(dot)postgresql(dot)org |
| Subject: | Re: Prevent query cancel packets from being replayed by an attacker (From TODO) |
| Date: | 2021-03-31 14:44:19 |
| Message-ID: | 7266e97c249faf1cc85255e34a45c28aa500bf24.camel@cybertec.at |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Wed, 2021-03-31 at 16:54 +0300, Sebastian Cabot wrote:
> My name is Sebastian and I am new to this list and community.
> I have been following PostgreSQL for several years and I love the work done on
> it, but I never had the chance (time) to join.
>
> I was going through the TODO list and studied the code and the thread discussing the
> optional fixes and I think I have a solution to this one which has the following advantages:
> 1. No change to the protocol is needed
> 2. Can be implemented in a both forward and backward compatible way
> 3. Does not require any shared memory trickery
> 4. Is immune to brute force attacks (probably)
>
> If this is still something we wish to fix I will be happy to share the details (and
> implement it) - I don't wish to burden you with the details if there is no real interest in solving this.
Thank you for your willingness to help!
Sure, this is the place to discuss your idea, go ahead.
Right now is the end of the final commitfest for v14, so people
are busy getting patches committed and you may get less echo than normally.
Yours,
Laurenz Albe
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jaime Casanova | 2021-03-31 14:47:08 | Re: cursor already in use, UPDATE RETURNING bug? |
| Previous Message | Surafel Temesgen | 2021-03-31 14:38:27 | Re: Calendar support in localization |