| From: | Greg Stark <stark(at)mit(dot)edu> |
|---|---|
| To: | Jim Nasby <Jim(dot)Nasby(at)bluetreble(dot)com> |
| Cc: | PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>, Bruce Momjian <bruce(at)momjian(dot)us>, Stephen Frost <sfrost(at)snowman(dot)net> |
| Subject: | Re: MD5 authentication needs help |
| Date: | 2015-03-06 11:23:55 |
| Message-ID: | CAM-w4HPWhZmbFvX8xPNvLPckkhGWt0gHQjZGJ0J0ySCM_ok3Jw@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Locked accounts are a terrible terrible idea. All they do is hand attackers
an easy DOS vulnerability. They're pure security theatre if your
authentication isn't vulnerable to brute force attacks and an unreliable
band-aid if they are.
Having dealt with mechanisms for locking accounts in other database they're
much more complicated than they appear. You need to deal with different
requirements for different users, have multiple knobs for how it triggers
and resolves, have tools for auditing the connection attempts to determine
if they're legitimate and identify where the incorrect attempts are coming
from, and so on. And all that accomplishes in the best case scenario is
having lots of busy-work support requests responding to locked accounts
and in the worst case scenario upgrading minor issues into major service
outages.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Amit Kapila | 2015-03-06 12:01:54 | Re: parallel mode and parallel contexts |
| Previous Message | Ashutosh Bapat | 2015-03-06 10:25:45 | Re: Join push-down support for foreign tables |