Re: [HACKERS] VACUUM as a denial-of-service attack
Keith Parks <emkxp01@mtcc.demon.co.uk>
From: Keith Parks <emkxp01@mtcc.demon.co.uk>
To: pgsql-hackers@postgresql.org, tgl@sss.pgh.pa.us
Date: 1999-11-23T22:18:53Z
Lists: pgsql-hackers
Attachments
- oldvacacl.diff (text/plain)
>From: Tom Lane <tgl@sss.pgh.pa.us> >I think a reasonable answer to this is to restrict VACUUM on any >table to be allowed only to the table owner and Postgres superuser. >Does anyone have an objection or better idea? In the dim and distant past I produced a patch that put vacuum into the list of things that you could GRANT on a per-table basis. I don't know what effort it would take to rework that for current or if it would be worth it. I think your suggestion above would be perfect if you never need to allow anyone else to vacuum a table. I'va attached the old patch below. Keith.