Home > mailing lists

Re: [PERFORM] BUG #4919: CREATE USER command slows down system performance - Mailing list pgsql-bugs

From	Tom Lane
Subject	Re: [PERFORM] BUG #4919: CREATE USER command slows down system performance
Date	July 15, 2009 15:30:52
Msg-id	23164.1247671826@sss.pgh.pa.us Whole thread Raw
In response to	Re: [PERFORM] BUG #4919: CREATE USER command slows down system performance (David Wilson <david.t.wilson@gmail.com>)
List	pgsql-bugs

Tree view

David Wilson <david.t.wilson@gmail.com> writes:
> On Wed, Jul 15, 2009 at 11:10 AM, Marko Kreen<markokr@gmail.com> wrote:
>> From security standpoint, wasting more cycles on bad passwords is good,
>> as it decreases the rate bruteforce password scanning can happen.
>>
>> And I cannot imagine a scenario where performance on invalid logins
>> can be relevant..

> DoS attacks. The longer it takes to reject an invalid login, the fewer
> invalid login attempts it takes to DoS the server.

Yeah, but even with the current setup, an attacker who can fire
connection request packets at your postmaster port is not going to have
any trouble DoS'ing the service.  We expend quite a lot of cycles before
getting to the password challenge already.

            regards, tom lane

pgsql-bugs by date:

From: David Wilson
Date: 15 July 2009, 15:24:06
Subject: Re: [PERFORM] BUG #4919: CREATE USER command slows down system performance

From: Marko Kreen
Date: 15 July 2009, 15:31:38
Subject: Re: [PERFORM] BUG #4919: CREATE USER command slows down system performance

Re: [PERFORM] BUG #4919: CREATE USER command slows down system performance - Mailing list pgsql-bugs

Previous

Next