Excerpts from Charles Pritchard's message of lun nov 08 20:25:21 -0300 2010: > On 11/8/2010 3:03 PM, Alvaro Herrera wrote: > > Excerpts from Kevin Grittner's message of lun nov 08 19:30:54 -0300 2010: > >> David Fetter<da...@fetter.org> wrote: > >> > >>> That's not proof against a DoS > >> > >> What client API is? > > This spec gives free rein into every web user's system to webmasters. > > If this isn't terminally dangerous, I don't know what is. > > DoS is more-or-less the responsibility of the host to send up alerts like: > "This page is hanging, do you want to continue..." or otherwise > automatically close hanging queries.
I classify that kind of approach to security as "terminally dangerous", yes. > I don't believe the webmaster is granted free rein: > Disk quotas are enforced, data is separated per origin, > hanging processes are up to the implementer, and postgres has plenty of > settings for that. The day a privilege escalation is found and some webserver runs "pg_read_file()" on your browser, will be a sad one indeed. > The default disk quota per origin is generally 5megs; beyond that, > additional user interaction is requested. So 5 megs to a.example.com, 5 megs to b.example.com, and so on? Sounds, eh, great. -- Álvaro Herrera <alvhe...@commandprompt.com> The PostgreSQL Company - Command Prompt, Inc. PostgreSQL Replication, Consulting, Custom Development, 24x7 support -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
