On Thu, Mar 15, 2007 at 07:38:25AM -0400, Douglas McNaught wrote:
> "Kynn Jones" <kynnjo@gmail.com> writes:
>
> > We have an in-house Postgres database that we would like to make
> > publicly accessible via a password-less login (user: anonymous).
> > (We already have a web front-end for this database, but we have
> > had a lot of requests to allow programmatic access in a way that
> > does not require scraping web pages; FWIW, web scraping of this
> > site is already disallowed in our TOS.)
>
> Honestly, I would consider writing a web (i.e. SOAP or XML-RPC)
> service for this purpose rather than using allowing direct access.
> That lets you control what kind of queries can be run. It's more
> work, but much cleaner and more secure. There are too many ways
> even a read-only user can perform a DOS attack.
Simple example: you allow reads on table foo. Attacker does:
SELECT * FROM foo f1, foo f2, foo f3, foo f4, foo f5, foo f6, foo f7 ,
foo f8, foo f9, foo f10, foo f11, foo f12, foo f13, foo f14, foo f15,
foo f16, foo f17, foo f18, foo f19, foo f20;
Cheers,
D
--
David Fetter <david@fetter.org> http://fetter.org/
phone: +1 415 235 3778 AIM: dfetter666
Skype: davidfetter
Remember to vote!
Consider donating to PostgreSQL: http://www.postgresql.org/about/donate
