Re: PostgreSQL Question

["Richard Zimmerman" <Richard@xxxxxxxxxxxx>]

> a-w-h-i-l-e (assuming an intelligently configured filesystem).  If your
swap is
> on a SCSI controller or IDE controller connected via an ISA bus it is even
more
> fun:  All a DOS attacker has to do is churn up enough memory that a
contiguous
> block isn't available below 16M (ISA can't DMA to physical addresses above
16M)
> and then your swap requests just queue-up inside the kernel until it goes
> crunch.

   OUCH! That wouldn't be pretty!

    According to the docs at (
http://www.postgresql.org/devel-corner/docs/admin/runtime-config.html )
within the postgresql.conf file (which I seem to be missing) you can specify
the following:

*-*-*-*-*-*-*
MAX_CONNECTIONS (integer)
Determines how many concurrent connections the database server will allow.
The default is 32. There is also a compiled-in hard upper limit on this
value, which is typically 1024 (both numbers can be altered when compiling
the server). This parameter can only be set at server start.
*-*-*-*-*-*-*

    Theroretically in a DOS attack, this should limit the amount of traffic
thrown at it. I'd assume Postgresql  would simply reject further connections
attempts and hold it to the max set value. That in itself should hold some
sort of a line on memory useage, shouldn't it?

> Don't know of hand how to make pgSQL stop listening on an interface....

   Hmmm.. If anyone knew I figured you would... Guess it's time for me to
hunt down the PostgreSQL newsgroup  / email support list and post the
question there.... I'll post the answer when I run across it.

   Any ideas on why I don't have a postgresql.conf file? I used the .rpm
installs. I supose I could create one in /var/lib/pgsql/data and throw
somwthing wild into it to see if PostgreSQL see it... <G>

   Thanks!

   Goose