| From: | Michael Paquier <michael(dot)paquier(at)gmail(dot)com> |
|---|---|
| To: | Fujii Masao <masao(dot)fujii(at)gmail(dot)com> |
| Cc: | Magnus Hagander <magnus(at)hagander(dot)net>, hlinnaka <hlinnaka(at)iki(dot)fi>, Robert Haas <robertmhaas(at)gmail(dot)com>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: FPW compression leaks information |
| Date: | 2015-04-15 12:20:27 |
| Message-ID: | CAB7nPqQGOqMHHD+xg80t=+8M9x=3SkFk0Rx-HoyDqwdf4E7nzw@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Wed, Apr 15, 2015 at 2:22 PM, Fujii Masao wrote:
> On Wed, Apr 15, 2015 at 11:55 AM, Michael Paquier wrote:
>> 1) Doc patch to mention that it is possible that compression can give
>> hints to attackers when working on sensible fields that have a
>> non-fixed size.
>
> I think that this patch is enough as the first step.
I'll get something done for that at least, a big warning below the
description of wal_compression would do it.
>> 2) Switch at relation level to control wal_compression.
>
> ALTER TABLE SET is not allowed on system catalog like pg_authid. So should we
> change it so that a user can change the flag even on system catalog? I'm afraid
> that the change might cause another problem, though. Probably we can disable
> the compression on every system catalogs by default. But I can imagine that
> someone wants to enable the compression even on system catalog. For example,
> pg_largeobject may cause lots of FPW.
We could enforce a value directly in pg_class.h for only pg_authid if
we think that it is a problem that bad, and rely on the default system
value for the rest. That's a hacky-ugly approach though...
--
Michael
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Michael Paquier | 2015-04-15 12:31:42 | Re: [COMMITTERS] pgsql: Move pg_upgrade from contrib/ to src/bin/ |
| Previous Message | Michael Paquier | 2015-04-15 12:07:43 | TAP tests of pg_rewind not stopping servers used for the tests |