Doing authentication in backend

From: Peter Eisentraut <peter_e(at)gmx(dot)net>
To: PostgreSQL Development <pgsql-hackers(at)postgresql(dot)org>
Subject: Doing authentication in backend
Date: 2001-06-14 16:31:54
Message-ID: Pine.LNX.4.30.0106141817590.2008-100000@peter.localdomain
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

If we did this the straightforward way (exchange authentication packets
after fork()) then rogue clients could connect, start a backend, twiddle
thumbs, never finish the authentication exchange, meanwhile having filled
up the limit on the number of connections. Somehow the backends would
have to report back to the postmaster that the authentication passed.
But then an attacker could easily fill up the system's process table with
this approach. If you in turn put a cap on that to save your system at
large, you're back to having DoS'ed your database server.

Then you would have to put a timeout on the completion of the
authentication sequence. This would be a fairly tricky thing to configure
given the various choices of ways to authenticate, including interactive
ones.

ISTM that there is some merit in having authentication happen *before*
doing much else, especially allocating per-connection resources.

Comments?

--
Peter Eisentraut peter_e(at)gmx(dot)net http://funkturm.homeip.net/~peter

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Bruce Momjian 2001-06-14 16:36:48 Re: Removal of temp tables
Previous Message Tom Lane 2001-06-14 15:23:29 Re: [PATCHES] Removal of temp tables