Home > mailing lists

Re: Fwd: Infinite recursion in function causes DoS - Mailing list pgsql-bugs

From	Bruno Wolff III
Subject	Re: Fwd: Infinite recursion in function causes DoS
Date	March 27, 2004 01:11:44
Msg-id	20040326205317.GF20194@wolff.to Whole thread Raw
In response to	Fwd: Infinite recursion in function causes DoS (Martin Pitt <martin@piware.de>)
List	pgsql-bugs

Tree view

On Thu, Mar 25, 2004 at 12:25:33 +0100,
  Martin Pitt <martin@piware.de> wrote:
>
> Either way, this situation leads to a DoS of the database system or the
> entire machine.  Since any user with enough privileges to access the
> database can create and execute functions, this raises a slight security
> concern.

It is going to be very difficult to prevent authorized postgres users
from DOSing the server. While fixing this issue will make it harder
to accidentally shoot ones self in the foot, you cannot expect to give
untrusted users access to postgres and have the server be secure from
DOS attacks.

pgsql-bugs by date:

From: Bruno Wolff III
Date: 27 March 2004, 01:06:37
Subject: Re: Fwd: Default pg_autovacuum config glitches

From: "PostgreSQL Bugs List"
Date: 27 March 2004, 02:08:48
Subject: BUG #1117: Time calculation from epoch is 12 hours out

Re: Fwd: Infinite recursion in function causes DoS - Mailing list pgsql-bugs

Previous

Next