Home > mailing lists

Re: [BUGS] BUG #4919: CREATE USER command slows down system performance - Mailing list pgsql-performance

From	Marko Kreen
Subject	Re: [BUGS] BUG #4919: CREATE USER command slows down system performance
Date	July 15, 2009 15:31:38
Msg-id	e51f66da0907150831p1432de8cv378d33bf34633aec@mail.gmail.com Whole thread Raw
In response to	Re: [BUGS] BUG #4919: CREATE USER command slows down system performance (David Wilson <david.t.wilson@gmail.com>)
List	pgsql-performance

Tree view

On 7/15/09, David Wilson <david.t.wilson@gmail.com> wrote:
> On Wed, Jul 15, 2009 at 11:10 AM, Marko Kreen<markokr@gmail.com> wrote:
>  > From security standpoint, wasting more cycles on bad passwords is good,
>  > as it decreases the rate bruteforce password scanning can happen.
>  >
>  > And I cannot imagine a scenario where performance on invalid logins
>  > can be relevant..
>
>
> DoS attacks. The longer it takes to reject an invalid login, the fewer
>  invalid login attempts it takes to DoS the server.

No, this is not a good argument against it.  Especially if you consider
that DoS via hanging-connect or SSL is still there.

Compared to minor DoS, the password-leakage is much worse danger.

--
marko

pgsql-performance by date:

From: Tom Lane
Date: 15 July 2009, 15:30:53
Subject: Re: [BUGS] BUG #4919: CREATE USER command slows down system performance

From: Scott Mead
Date: 15 July 2009, 15:33:16
Subject: Re: Performance comparison between Postgres and Greenplum

Re: [BUGS] BUG #4919: CREATE USER command slows down system performance - Mailing list pgsql-performance

Previous

Next