From: | Merlin Moncure <mmoncure(at)gmail(dot)com> |
---|---|
To: | Fabio Rueda Carrascosa <avances123(at)gmail(dot)com> |
Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, pgsql-general <pgsql-general(at)postgresql(dot)org> |
Subject: | Re: Disallow SET command in a postgresql server |
Date: | 2013-04-09 16:15:43 |
Message-ID: | CAHyXU0xrz3BDic2JROSv77xGfgYXWv9m0nUivhqYNO9C_abYWQ@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
On Tue, Apr 9, 2013 at 11:13 AM, Merlin Moncure <mmoncure(at)gmail(dot)com> wrote:
> On Tue, Apr 9, 2013 at 10:57 AM, Fabio Rueda Carrascosa
> <avances123(at)gmail(dot)com> wrote:
>> My grant/revoke architecture is fine, you mean about costly cpu/ram queries?
>
> it has nothing to do with grant/revoke. There are multiple trivial
> things a user can do to DOS you server. You can prevent a lot of
> them, but it's definitely whack-a-mole. If you don't believe me, try
> logging into schemaverse in the next few moments. I just took it
> down. It will come up shortly.
schemaverse (one of the neatest things on the internet) is now functioning!
merlin
From | Date | Subject | |
---|---|---|---|
Next Message | Joshua D. Drake | 2013-04-09 16:20:11 | Re: Disallow SET command in a postgresql server |
Previous Message | Merlin Moncure | 2013-04-09 16:13:18 | Re: Disallow SET command in a postgresql server |