On Fri, Jul 20, 2018 at 2:17 AM, Jeremy Schneider <schnjere@amazon.com> wrote:
I'd like to bump this old bug that Lloyd filed for more discussion. It seems serious enough to me that we should at least talk about it.
Anyone with simply the login privilege and the ability to run SQL can instantly block all new incoming connections to a DB including new superuser connections.
So.. don't VACUUM FULL pg_authid without lock_timeout?
I can come up with dozens of ways to achieve the same effect, all of them silly.