| From: | Bruce Momjian <bruce(at)momjian(dot)us> |
|---|---|
| To: | Josh Berkus <josh(at)agliodbs(dot)com> |
| Cc: | pgsql-hackers(at)postgresql(dot)org, Merlin Moncure <mmoncure(at)gmail(dot)com>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, "Jim C(dot) Nasby" <jnasby(at)pervasive(dot)com> |
| Subject: | Re: advisory locks and permissions |
| Date: | 2006-09-21 03:17:52 |
| Message-ID: | 200609210317.k8L3HqZ13438@momjian.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Doesn't creating many temp tables in a transaction do the same thing?
---------------------------------------------------------------------------
Josh Berkus wrote:
> All,
>
> > I vote for locking down to superuser access (lets be frank here: I
> > would estimate 90%+ database installatons run with the application as
> > root) so we are not losing much.
>
> Not in my experience. Note that making them superuser-only pretty much puts
> them out of the hands of hosted applications.
>
> How simple would it be to limit the number of advisory locks available to a
> single request? That would at least make the DOS non-trivial. Or to put in
> a handle (GUC?) that allows turning advisory locks off?
>
> Hmmm ... I'll bet I could come up with other ways to use generate_series in a
> DOS, even without advisory locks ...
>
> --
> Josh Berkus
> PostgreSQL @ Sun
> San Francisco
>
> ---------------------------(end of broadcast)---------------------------
> TIP 6: explain analyze is your friend
--
Bruce Momjian bruce(at)momjian(dot)us
EnterpriseDB http://www.enterprisedb.com
+ If your life is a hard drive, Christ can be your backup. +
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruce Momjian | 2006-09-21 03:22:56 | Re: Release Notes: Major Changes in 8.2 |
| Previous Message | Josh Berkus | 2006-09-21 03:15:21 | Re: advisory locks and permissions |