The Hermit Hacker wrote:
> Hrmmmm...i don't quite agree with this. postmaster can handle one
> connection at a time, and then has to pass it off to the postgres backend
> process...DoS attacks are easier now then by forking before HBA. I just have
Forking is not so bad... but isn't there any exec also? And of course
it's a difference if your machine is overloaded by processes or if it's
only one service that doesn't respond becouse the access-controling code
is disabled.
Second question... if we speak only about forking postmaster, or it's
about forking-execing-opening files-reading-etc stuff? If it's only
fork, I would totally agree with you, otherwise I'm not sure which is
worse...
Mike
--
WWW: http://www.lodz.pdi.net/~mimo tel: Int. Acc. Code + 48 42 148340
add: Michal Mosiewicz * Bugaj 66 m.54 * 95-200 Pabianice * POLAND
