From: | Keith Parks <emkxp01(at)mtcc(dot)demon(dot)co(dot)uk> |
---|---|
To: | pgsql-hackers(at)postgresql(dot)org, tgl(at)sss(dot)pgh(dot)pa(dot)us |
Subject: | Re: [HACKERS] VACUUM as a denial-of-service attack |
Date: | 1999-11-23 22:18:53 |
Message-ID: | 199911232218.WAA07783@mtcc.demon.co.uk |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
>From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
>I think a reasonable answer to this is to restrict VACUUM on any
>table to be allowed only to the table owner and Postgres superuser.
>Does anyone have an objection or better idea?
In the dim and distant past I produced a patch that put vacuum
into the list of things that you could GRANT on a per-table
basis. I don't know what effort it would take to rework that
for current or if it would be worth it.
I think your suggestion above would be perfect if you never
need to allow anyone else to vacuum a table.
I'va attached the old patch below.
Keith.
Attachment | Content-Type | Size |
---|---|---|
oldvacacl.diff | text/plain | 12.9 KB |
From | Date | Subject | |
---|---|---|---|
Next Message | Bruce Momjian | 1999-11-24 00:44:02 | Cache on pg_statistics |
Previous Message | Ansley, Michael | 1999-11-23 20:57:29 | RE: AW: [HACKERS] SQL statements: begin and end |