Home > mailing lists

Re: @(#)Mordred Labs advisory 0x0007: Remove DoS in PostgreSQL - Mailing list pgsql-hackers

From	Tom Lane
Subject	Re: @(#)Mordred Labs advisory 0x0007: Remove DoS in PostgreSQL
Date	August 30, 2002 03:42:00
Msg-id	26651.1030682520@sss.pgh.pa.us Whole thread Raw
In response to	Re: @(#)Mordred Labs advisory 0x0007: Remove DoS in PostgreSQL (Þórhallur Hálfdánarson <tolli@tol.li>)
List	pgsql-hackers

Tree view

Þórhallur Hálfdánarson <tolli@tol.li> writes:
> And another (perhaps silly) thought: Currently, if the authentication
> process is exploited, it would kill the postmaster, resulting in a
> total crash of the whole database system.  Would it be beneficial to
> split the connection handling/authorization process to a seperate
> process, and if that process dies, the postmaster would simply start a
> new one, there for not affecting any other backends that are running
> (for authorized users) ? Or am I way of track? :) 

No, just behind the times ;-).  We did that in 7.2.
        regards, tom lane

pgsql-hackers by date:

From: Tom Lane
Date: 30 August 2002, 03:25:29
Subject: Re: [7.3devl] Using PGPASSWORDFILE with psql requires -U

From: Bruce Momjian
Date: 30 August 2002, 03:44:19
Subject: Re: Reporting query duration

Re: @(#)Mordred Labs advisory 0x0007: Remove DoS in PostgreSQL - Mailing list pgsql-hackers

Previous

Next