Wednesday, August 13, 2008

Re: [HACKERS] Replay attack of query cancel

Tom Lane wrote:
>[ thinks for a bit... ] You could make it a change in the cancel
>protocol, which is to some extent independent of the main FE/BE
>protocol. The problem is: how can the client know whether it's okay to
>use this new protocol for cancel?

Two options:
a. Send two cancelkeys in rapid succession at session startup, whereas
the first one is 0 or something. The client can detect the first
"special" cancelkey and then knows that the connection supports
cancelmethod 2.
b. At sessionstartup, advertise a new runtimeparameter:
cancelmethod=plainkey,hmaccoded
which the client can then chose from.

I'd prefer b over a.
--
Sincerely,
Stephen R. van den Berg.

"And now for something *completely* different!"

--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

No comments: