Home > mailing lists

Re: BUG #15182: Canceling authentication due to timeout aka Denial ofService Attack - Mailing list pgsql-hackers

From	Marko Tiikkaja
Subject	Re: BUG #15182: Canceling authentication due to timeout aka Denial ofService Attack
Date	July 21, 2018 03:56:13
Msg-id	CAL9smLDgjXceft0KDdthy8FK2LJ5VPG3E_bvWK3Ow-w7ePGwqg@mail.gmail.com Whole thread Raw
In response to	Fwd: BUG #15182: Canceling authentication due to timeout aka Denialof Service Attack (Jeremy Schneider <schnjere@amazon.com>)
Responses	Re: BUG #15182: Canceling authentication due to timeout aka Denial ofService Attack (Jeff Janes <jeff.janes@gmail.com>)
List	pgsql-hackers

Tree view

On Fri, Jul 20, 2018 at 2:17 AM, Jeremy Schneider <schnjere@amazon.com> wrote:

I'd like to bump this old bug that Lloyd filed for more discussion. It
seems serious enough to me that we should at least talk about it.

Anyone with simply the login privilege and the ability to run SQL can
instantly block all new incoming connections to a DB including new
superuser connections.

So.. don't VACUUM FULL pg_authid without lock_timeout?

I can come up with dozens of ways to achieve the same effect, all of them silly.

pgsql-hackers by date:

From: Jerry Jelinek
Date: 21 July 2018, 03:50:37
Subject: Re: patch to allow disable of WAL recycling

From: Jerry Jelinek
Date: 21 July 2018, 04:04:55
Subject: Re: patch to allow disable of WAL recycling

Re: BUG #15182: Canceling authentication due to timeout aka Denial ofService Attack - Mailing list pgsql-hackers

Previous

Next