From: | "Ross J(dot) Reedstrom" <reedstrm(at)rice(dot)edu> |
---|---|
To: | Robert Haas <robertmhaas(at)gmail(dot)com> |
Cc: | KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>, Stephen Frost <sfrost(at)snowman(dot)net>, Jan Urbański <wulczer(at)wulczer(dot)org>, Itagaki Takahiro <itagaki(dot)takahiro(at)gmail(dot)com>, KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp>, PostgreSQL-Hackers <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: contrib: auth_delay module |
Date: | 2010-11-17 15:32:53 |
Message-ID: | 20101117153253.GA20524@rice.edu |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On Tue, Nov 16, 2010 at 09:41:37PM -0500, Robert Haas wrote:
> On Tue, Nov 16, 2010 at 8:15 PM, KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com> wrote:
> > If we don't need a PoC module for each new hooks, I'm not strongly
> > motivated to push it into contrib tree.
> > How about your opinion?
>
> I'd say let it go, unless someone else feels strongly about it.
I would use this module (rate limit new connection attempts) as soon as
I could. Putting a cap on potential CPU usage on a production DB by either
a blackhat or mistake by a developer caused by a mistake in
configuration (leaving the port accessible) is definitely useful, even
in the face of max_connections. My production apps already have
their connections and seldom need new ones. They all use CPU though.
Ross
--
Ross Reedstrom, Ph.D. reedstrm(at)rice(dot)edu
Systems Engineer & Admin, Research Scientist phone: 713-348-6166
Connexions http://cnx.org fax: 713-348-3665
Rice University MS-375, Houston, TX 77005
GPG Key fingerprint = F023 82C8 9B0E 2CC6 0D8E F888 D3AE 810E 88F0 BEDE
From | Date | Subject | |
---|---|---|---|
Next Message | Magnus Hagander | 2010-11-17 15:35:45 | Indent authentication overloading |
Previous Message | Tom Lane | 2010-11-17 15:25:51 | Re: changing MyDatabaseId |