On Fri, 17 Oct 2003, Neil Conway wrote:
> On Fri, 2003-10-17 at 07:23, Bruce Momjian wrote:
> > We don't want to fire up a backend until we know this is a valid user.
>
> We do the fork() before we even look at the client's connection packet,
> so I'm sceptical that going through all that trouble really makes us
> significantly more resistant to a DOS attack.

The point is that it's a lot faster for the backend to open a text file and
parse that, than it is to open up a full database connection just to SQL
query a table to see if the person is allowed to open the database
connection in the first place ...

Then again, doesn't that almost defeat the purpose of checking in the
first place? :)