Password-file caching is broken

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: pgsql-hackers(at)postgreSQL(dot)org
Subject: Password-file caching is broken
Date: 2001-11-01 18:22:06
Message-ID: 22831.1004638926@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

The password-file cache implemented by src/backend/libpq/crypt.c is
now dysfunctional, because it is only loaded when a password check is
requested, which is after the postmaster's child process has forked
away from the postmaster. The cache is always empty in the postmaster,
and every new backend will read up and cache the whole file before
probing the cache ... once.

One fairly reasonable solution would be to have the postmaster load
the cache when receiving SIGHUP (when it also reloads its other config
files). Then we could remove the password-file-reload-flag-file
mechanism in favor of just kill(getppid(), SIGHUP), a mechanism we
already use in other places.

If we don't do that, I am strongly inclined to remove the password cache
mechanism and just allow the code to reread pg_pwd when checking a
password.

If we do keep the cache, I think I will also tweak crypt.c to store
the cache in PostmasterContext palloc space, rather than malloc space,
so that it will be freed when entering a new backend.

Comments?

regards, tom lane

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Tom Lane 2001-11-01 18:37:30 Re: user authentication crash by Erik Luke (20-08-2001; 1.3kb)
Previous Message Mr. Shannon Aldinger 2001-11-01 18:16:43 Re: Posgresql 7.2b1 crashes