From: | Bruce Momjian <bruce(at)momjian(dot)us> |
---|---|
To: | Peter Eisentraut <peter(at)eisentraut(dot)org> |
Cc: | Heikki Linnakangas <hlinnaka(at)iki(dot)fi>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: Make query cancellation keys longer |
Date: | 2024-03-06 01:12:18 |
Message-ID: | ZefC8pFljxDXLRWk@momjian.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On Fri, Mar 1, 2024 at 03:19:23PM +0100, Peter Eisentraut wrote:
> On 29.02.24 22:25, Heikki Linnakangas wrote:
> > Currently, cancel request key is a 32-bit token, which isn't very much
> > entropy. If you want to cancel another session's query, you can
> > brute-force it. In most environments, an unauthorized cancellation of a
> > query isn't very serious, but it nevertheless would be nice to have more
> > protection from it. The attached patch makes it longer. It is an
> > optional protocol feature, so it's fully backwards-compatible with
> > clients that don't support longer keys.
>
> My intuition would be to make this a protocol version bump, not an optional
> feature. I think this is something that everyone should eventually be
> using, not a niche feature that you explicitly want to opt-in for.
Agreed.
--
Bruce Momjian <bruce(at)momjian(dot)us> https://momjian.us
EDB https://enterprisedb.com
Only you can decide what is important to you.
From | Date | Subject | |
---|---|---|---|
Next Message | Jacob Champion | 2024-03-06 01:14:46 | Re: [PATCH] Exponential backoff for auth_delay |
Previous Message | Peter Geoghegan | 2024-03-06 00:50:18 | Re: Optimizing nbtree ScalarArrayOp execution, allowing multi-column ordered scans, skip scan |