zzzprojects / sqlfiddle

http://sqlfiddle.com
MIT License

Timeout on queries #62

Closed plushy closed 11 years ago

plushy commented 11 years ago

It would be good if there was a time limit on queries. Long running queries could be used for all sorts of malicious activity. Benchmark(), pg_sleep() or just infinite loops might be on the table here. Also, please kill http://sqlfiddle.com/#!1/6ccc5/1000 if it's still running. I'm sorry for goofing around.

jakefeasel commented 11 years ago

Thanks for the suggestion. I've added time limits for Postgres and MySQL (Oracle and SQL Server had limits already).

plushy commented 11 years ago

How about a general limit on the whole set of queries? Ten statements that run for 29 seconds each still can be annoying and block the db.

jakefeasel commented 11 years ago

I guess I'm not sure who that would be annoying for.... the person running the queries? I have a hard time imagining this would be done by accident. If people are just slamming the system with huge queries that are all running up against the timeout, presumably they are doing that as an attack. I hope people aren't doing that, but reducing the timeout or adjusting the window to include the whole body is unlikely to deter such actions. I'm relying upon the fact that people value the service and don't want to see it offline. Seems to be the case so far.

plushy commented 11 years ago

Yeah, I agree it's easy to write a script to keep calling huge queries but that requires some effort. A single fiddle that does: drop table; wait for 29 seconds;*100 is just very easy and prevents others from running queries against the db in that fiddle. More like messing with a friend rather than bringing down the whole site. I guess I just have a criminal mind :)

jakefeasel commented 11 years ago

Since the drop table and wait would run within a transaction, I'm not sure that it would prevent other transactions from running in that same schema. Tests would be useful here, I suppose. If it was a real problem for your "friend" however, they could easily build a new schema to operate in by making a trivial adjustment to the definition and rebuilding.

plushy commented 11 years ago

For pg it prevents queries against that table since it puts a lock on it, dunno how about others. Oh well, not a big issue really.
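
The thread contrasts a per-statement time limit with a limit on the whole set of queries. The sketch below is an added example, not SQL Fiddle's code: it enforces both limits at once, using Python's built-in SQLite driver as a stand-in for the Postgres and MySQL backends discussed above. `run_batch`, `RUNAWAY` and the limit values are hypothetical names and numbers chosen for illustration.

```python
import sqlite3
import time

# Constructed sample: a statement that never finishes on its own.
RUNAWAY = ("WITH RECURSIVE c(x) AS (SELECT 1 UNION ALL SELECT x + 1 FROM c) "
           "SELECT count(*) FROM c")


def run_batch(conn, statements, per_statement_s, batch_s):
    """Run statements in order and return one status per statement.

    Each statement gets at most per_statement_s seconds and the whole batch
    at most batch_s seconds. Statuses: "ok", "timeout", "error", "skipped".
    """
    batch_deadline = time.monotonic() + batch_s
    statuses = []
    for sql in statements:
        now = time.monotonic()
        if now >= batch_deadline:
            statuses.append("skipped")  # budget spent: do not start it at all
            continue
        # The effective limit is whichever deadline comes first.
        deadline = min(now + per_statement_s, batch_deadline)
        timed_out = []  # set by the handler when it aborts the statement

        def check(deadline=deadline, timed_out=timed_out):
            if time.monotonic() >= deadline:
                timed_out.append(True)
                return 1  # non-zero return makes SQLite interrupt the query
            return 0

        # SQLite calls check() every 1000 virtual-machine instructions.
        conn.set_progress_handler(check, 1000)
        try:
            conn.execute(sql).fetchall()
            statuses.append("ok")
        except sqlite3.OperationalError:
            statuses.append("timeout" if timed_out else "error")
        finally:
            conn.set_progress_handler(None, 0)
    return statuses
```

With five runaway statements, a 0.2 second per-statement limit and a 0.5 second batch limit, the batch stops after roughly 0.5 seconds instead of 1.0, and the statements that never started are reported as skipped.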