From: | Peter Eisentraut <peter_e(at)gmx(dot)net> |
---|---|
To: | PostgreSQL Development <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Doing authentication in backend |
Date: | 2001-06-14 16:31:54 |
Message-ID: | Pine.LNX.4.30.0106141817590.2008-100000@peter.localdomain |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
If we did this the straightforward way (exchange authentication packets
after fork()) then rogue clients could connect, start a backend, twiddle
thumbs, never finish the authentication exchange, meanwhile having filled
up the limit on the number of connections. Somehow the backends would
have to report back to the postmaster that the authentication passed.
But then an attacker could easily fill up the system's process table with
this approach. If you in turn put a cap on that to save your system at
large, you're back to having DoS'ed your database server.
Then you would have to put a timeout on the completion of the
authentication sequence. This would be a fairly tricky thing to configure
given the various choices of ways to authenticate, including interactive
ones.
ISTM that there is some merit in having authentication happen *before*
doing much else, especially allocating per-connection resources.
Comments?
--
Peter Eisentraut peter_e(at)gmx(dot)net http://funkturm.homeip.net/~peter
From | Date | Subject | |
---|---|---|---|
Next Message | Bruce Momjian | 2001-06-14 16:36:48 | Re: Removal of temp tables |
Previous Message | Tom Lane | 2001-06-14 15:23:29 | Re: [PATCHES] Removal of temp tables |