Обсуждение: BUG #16522: No anti-violent cracking mechanism

Поиск
Список
Период
Сортировка

BUG #16522: No anti-violent cracking mechanism

От
PG Bug reporting form
Дата:
The following bug has been logged on the website:

Bug reference:      16522
Logged by:          yi Ding
Email address:      abcxiaod@126.com
PostgreSQL version: 10.13
Operating system:   linux
Description:

Pg database is not locked after password verification fails several times.

Re: BUG #16522: No anti-violent cracking mechanism

От
Magnus Hagander
Дата:


On Wed, Jul 1, 2020 at 12:07 PM PG Bug reporting form <noreply@postgresql.org> wrote:
The following bug has been logged on the website:

Bug reference:      16522
Logged by:          yi Ding
Email address:      abcxiaod@126.com
PostgreSQL version: 10.13
Operating system:   linux
Description:       

Pg database is not locked after password verification fails several times.


Correct, there is no such feature built-in, so there is no bug in something that does not work.

If you want this feature you can integrate PostgreSQL with numerous external authentication methods such as gssapi, ldap, radius or pam, all of which can provide such functionality if set up right. You can also use fail2ban or some simple log-tailing script that implements it.

--