On Tue, Apr 9, 2013 at 10:57 AM, Fabio Rueda Carrascosa
<avances123@gmail.com> wrote:
> My grant/revoke architecture is fine, you mean about costly cpu/ram queries?
it has nothing to do with grant/revoke. There are multiple trivial
things a user can do to DOS you server. You can prevent a lot of
them, but it's definitely whack-a-mole. If you don't believe me, try
logging into schemaverse in the next few moments. I just took it
down. It will come up shortly.
The only way I will advise opening up database to untrusted user is
through pgbouncer (modified to allow only v3 parameterized queries
that match a whitelist).
merlin