Re: Proposed change to make cancellations safe
| От | Tom Lane |
|---|---|
| Тема | Re: Proposed change to make cancellations safe |
| Дата | |
| Msg-id | 29656.1461533918@sss.pgh.pa.us обсуждение |
| Ответ на | Re: Proposed change to make cancellations safe (Simon Riggs <simon@2ndQuadrant.com>) |
| Список | pgsql-hackers |
Simon Riggs <simon@2ndquadrant.com> writes:
> On 24 April 2016 at 17:54, Shay Rojansky <roji@roji.org> wrote:
>> I definitely agree that simply tracking message sequence numbers on both
>> sides is better. It's also a powerful feature to be able to cancel all
>> messages "up to N" - I'm thinking of a scenario where, for example, many
>> simple queries are sent and the whole process needs to be cancelled.
> For security, I think any non-matching cancellation would be ignored so
> that only someone with proper context could issue the cancel.
Well, we already have a random cancel key in the requests. As a separate
matter for a protocol change, it might be nice to consider widening the
cancel key to make it harder to brute-force; but I disagree that the
current proposal has anything whatever to do with security.
regards, tom lane
В списке pgsql-hackers по дате отправления: