From: | Magnus Hagander <magnus(at)hagander(dot)net> |
---|---|
To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Cc: | Alvaro Herrera <alvherre(at)commandprompt(dot)com>, Bruce Momjian <bruce(at)momjian(dot)us>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: Checking pg_hba.conf in the child process |
Date: | 2012-02-25 11:56:51 |
Message-ID: | CABUevEzrzKmjKAs+8UUWywqobsP9rqSwnpszi1-6FxxGqZifpA@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On Sat, Feb 25, 2012 at 00:45, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> Alvaro Herrera <alvherre(at)commandprompt(dot)com> writes:
>> Excerpts from Bruce Momjian's message of vie feb 24 19:19:10 -0300 2012:
>>> In looking over our authentication code, I noticed that we create the
>>> child process before we check any of the pg_hba.conf file. Now, I
>>> realize we can't do authentication in the postmaster because of possible
>>> delay, and checking the user name and database name filters is just work
>>> that is better done in the child, but checking the IP address might
>>> prevent unauthorized clients from causing excessive process creation on
>>> the server. I know we have listen_addresses, but that defaults to "*"
>>> on the click-through installers, and not everybody knows how to set up a
>>> firewall.
>
>> Hm, one thing to keep in mind is that we allow hostnames there. It'd be
>> a pain to have postmaster hang while resolving names.
>
> Yes. This cure would be a lot worse than the disease. Bruce ought to
> remember that we intentionally moved all that logic *out* of the
> postmaster process, years ago, precisely because it was too hard to
> ensure that the postmaster wouldn't block and thus create DOS conditions
> of another sort.
As long as the block would only look at the IP it would also be
trivial - and more efficient - to do the same blocking in the
firewall, either local host firewall rules or the network firewall
depending on deployment...
--
Magnus Hagander
Me: http://www.hagander.net/
Work: http://www.redpill-linpro.com/
From | Date | Subject | |
---|---|---|---|
Next Message | Thom Brown | 2012-02-25 11:58:56 | Re: Command Triggers, patch v11 |
Previous Message | Sergey Burladyan | 2012-02-25 10:29:36 | Re: Patch for BUG #6480, psql incorrect indent for inherited tables names with UTF-8 NLS |