Home > mailing lists

Re: [SECURITY] DoS attack on backend possible (was: Re: - Mailing list pgsql-hackers

From	Justin Clift
Subject	Re: [SECURITY] DoS attack on backend possible (was: Re:
Date	August 12, 2002 01:32:00
Msg-id	3D571E1C.C584F9D1@postgresql.org Whole thread Raw
In response to	Re: [SECURITY] DoS attack on backend possible (was: Re: ("Christopher Kings-Lynne" <chriskl@familyhealth.com.au>)
Responses	Re: [SECURITY] DoS attack on backend possible (was: Re: ("Christopher Kings-Lynne" <chriskl@familyhealth.com.au>) Re: [SECURITY] DoS attack on backend possible (was: Re: (Gavin Sherry <swm@linuxworld.com.au>)
List	pgsql-hackers

Tree view

Hi Chris,

Christopher Kings-Lynne wrote:
> 
<snip> 
> Still, I believe this should require a 7.2.2 release.  Imagine a university
> database server for a course for example - the students would just crash it
> all the time.

Hey yep, good point.

Is this the only way that we know of non postgresql-superusers to be
able to take out the server other than by extremely non-optimal,
resource wasting queries?

If we release a 7.2.2 because of this, can we be pretty sure we have a
"no known vulnerabilities" release, or are there other small holes which
should be fixed too?

:-)

Regards and best wishes,

Justin Clift

> Chris

-- 
"My grandfather once told me that there are two kinds of people: those
who work and those who take the credit. He told me to try to be in the
first group; there was less competition there."  - Indira Gandhi

pgsql-hackers by date:

From: "Christopher Kings-Lynne"
Date: 12 August 2002, 01:25:24
Subject: Re: [SECURITY] DoS attack on backend possible (was: Re:

From: "Christopher Kings-Lynne"
Date: 12 August 2002, 01:37:45
Subject: Re: [SECURITY] DoS attack on backend possible (was: Re:

Re: [SECURITY] DoS attack on backend possible (was: Re: - Mailing list pgsql-hackers

Previous

Next