On Wed, Sep 20, 2006 at 07:52:33PM -0400, Tom Lane wrote: > face up to the possibility of malicious use. For instance, it's not > very hard to create a DoS situation by running the system out of shared > lock table space:
Didn't you just say we don't try and protect against DoS? ;P > The brute force answer is to make those functions superuser-only, but I > wonder if there is a better way. Perhaps we could just deny public > execute access on them by default, and let admins grant the privilege to > whom they trust. > > Or we could try to do something about limiting the number of such locks > that can be granted, but that seems nontrivial to tackle at such a late > stage of the devel cycle. ISTM that just restricting default access still leaves a pretty big foot-gun laying around... perhaps the best compromise would be to do that for this release and add some kind of a limit in the next release. -- Jim Nasby [EMAIL PROTECTED] EnterpriseDB http://enterprisedb.com 512.569.9461 (cell) ---------------------------(end of broadcast)--------------------------- TIP 6: explain analyze is your friend
