Re: [HACKERS] Re: New pg_pwd patch and stuff

Micha3 Mosiewicz <mimo@lodz.pdi.net>

From: "Micha3 Mosiewicz" <mimo@lodz.pdi.net>
To: The Hermit Hacker <scrappy@hub.org>
Date: 1998-01-18T03:39:45Z
Lists: pgsql-hackers
The Hermit Hacker wrote:

>         Hrmmmm...i don't quite agree with this.  postmaster can handle one
> connection at a time, and then has to pass it off to the postgres backend
> process...DoS attacks are easier now then by forking before HBA.  I just have

Forking is not so bad... but isn't there any exec also? And of course
it's a difference if your machine is overloaded by processes or if it's
only one service that doesn't respond becouse the access-controling code
is disabled.

Second question... if we speak only about forking postmaster, or it's
about forking-execing-opening files-reading-etc stuff? If it's only
fork, I would totally agree with you, otherwise I'm not sure which is
worse... 

Mike

-- 
WWW: http://www.lodz.pdi.net/~mimo  tel: Int. Acc. Code + 48 42 148340
add: Michal Mosiewicz  *  Bugaj 66 m.54 *  95-200 Pabianice  *  POLAND