Re: [HACKERS] Re: New pg_pwd patch and stuff
Micha3 Mosiewicz <mimo@lodz.pdi.net>
From: "Micha3 Mosiewicz" <mimo@lodz.pdi.net>
To: The Hermit Hacker <scrappy@hub.org>
Date: 1998-01-18T03:39:45Z
Lists: pgsql-hackers
The Hermit Hacker wrote: > Hrmmmm...i don't quite agree with this. postmaster can handle one > connection at a time, and then has to pass it off to the postgres backend > process...DoS attacks are easier now then by forking before HBA. I just have Forking is not so bad... but isn't there any exec also? And of course it's a difference if your machine is overloaded by processes or if it's only one service that doesn't respond becouse the access-controling code is disabled. Second question... if we speak only about forking postmaster, or it's about forking-execing-opening files-reading-etc stuff? If it's only fork, I would totally agree with you, otherwise I'm not sure which is worse... Mike -- WWW: http://www.lodz.pdi.net/~mimo tel: Int. Acc. Code + 48 42 148340 add: Michal Mosiewicz * Bugaj 66 m.54 * 95-200 Pabianice * POLAND