| From: | Michael Paquier <michael(at)paquier(dot)xyz> |
|---|---|
| To: | Ian Barwick <ian(dot)barwick(at)2ndquadrant(dot)com> |
| Cc: | Bruce Momjian <bruce(at)momjian(dot)us>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: PG 12 draft release notes |
| Date: | 2019-05-22 07:26:51 |
| Message-ID: | 20190522072651.GC1278@paquier.xyz |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Wed, May 22, 2019 at 09:19:53AM +0900, Ian Barwick wrote:
> the last two items are performance improvements not related to authentication;
> presumably the VACUUM item would be better off in the "Utility Commands"
> section and the TRUNCATE item in "General Performance"?
I agree with removing them from authentication, but these are not
performance-related items. Instead I think that "Utility commands" is
a place where they can live better.
I am wondering if we should insist on the DOS attacks on a server, as
non-authorized users are basically able to block any tables, and
authorization is only a part of it, one of the worst parts
actually... Anyway, I think that "This prevents unauthorized locking
delays." does not provide enough details. What about reusing the
first paragraph of the commits? Here is an idea:
"A caller of TRUNCATE/VACUUM/ANALYZE could previously queue for an
access exclusive lock on a relation it may not have permission to
truncate/vacuum/analyze, potentially interfering with users authorized
to work on it. This could prevent users from accessing some relations
they have access to, in some cases preventing authentication if a
critical catalog relation was blocked."
--
Michael
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Michael Paquier | 2019-05-22 07:32:26 | Re: Should MSVC 2019 support be an open item for v12? |
| Previous Message | Michael Paquier | 2019-05-22 07:15:55 | ACL dump ordering broken as well for tablespaces |