| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Simon Riggs <simon(at)2ndquadrant(dot)com> |
| Cc: | Shay Rojansky <roji(at)roji(dot)org>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Proposed change to make cancellations safe |
| Date: | 2016-04-24 21:38:38 |
| Message-ID: | 29656.1461533918@sss.pgh.pa.us |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Simon Riggs <simon(at)2ndquadrant(dot)com> writes:
> On 24 April 2016 at 17:54, Shay Rojansky <roji(at)roji(dot)org> wrote:
>> I definitely agree that simply tracking message sequence numbers on both
>> sides is better. It's also a powerful feature to be able to cancel all
>> messages "up to N" - I'm thinking of a scenario where, for example, many
>> simple queries are sent and the whole process needs to be cancelled.
> For security, I think any non-matching cancellation would be ignored so
> that only someone with proper context could issue the cancel.
Well, we already have a random cancel key in the requests. As a separate
matter for a protocol change, it might be nice to consider widening the
cancel key to make it harder to brute-force; but I disagree that the
current proposal has anything whatever to do with security.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Sehrope Sarkuni | 2016-04-24 22:02:12 | Add jsonb_compact(...) for whitespace-free jsonb to text |
| Previous Message | Simon Riggs | 2016-04-24 21:14:13 | Re: Proposed change to make cancellations safe |