On Thu, Mar 25, 2004 at 12:25:33 +0100, Martin Pitt <[EMAIL PROTECTED]> wrote: > > Either way, this situation leads to a DoS of the database system or the > entire machine. Since any user with enough privileges to access the > database can create and execute functions, this raises a slight security > concern.
It is going to be very difficult to prevent authorized postgres users from DOSing the server. While fixing this issue will make it harder to accidentally shoot ones self in the foot, you cannot expect to give untrusted users access to postgres and have the server be secure from DOS attacks. ---------------------------(end of broadcast)--------------------------- TIP 4: Don't 'kill -9' the postmaster
