PGConf.SPB 2023

In this talk, I will explain how you can organize account management in a microservice environment: organization of a role model, authentication via SSO and cross-service authentication.

We will present adaptive query optimization techniques and key capabilities of the new version of AQO and SR_PLAN extensions.

An important aspect of PostgreSQL database security and reliability is backup practices. The talk will reveal the main techniques and methods used to protect data, prevent loss and successfully recover information in case of human error, failures or emergencies. We will tell how CyberBackup helps to protect PostgreSQL, including configuration in Patroni cluster: we will consider system deployment options, important aspects of backup policy configuration, including full and incremental backups. We will also show how to easily work with backups via mount and do granular restores.

Fuzzing research is feeding random input data to a program (or a part of it) (in fact, randomness is very conditional) and seeing what we get out of it. And we repeat it many times on many processors.

Fuzzing a large monolithic program complex is never a simple task. It requires extraordinary solutions. In this talk, I will tell you what and how we searched with the help of fuzzing and what results it led to.

• Investigation of data type parsing functions (input-functions): for warming up;
• Investigation of functions implementing operations between types (op-functions): it is better to consider the structure here;
• Network subsystem fuzzing: let's pretend we are POSIX calls, it's cheaper that way;
• Recovering disk context: we need Groundhog Day.

A story about funny bugs and ridiculous hand gestures will be included.