| From: | Joe Conway <mail(at)joeconway(dot)com> |
|---|---|
| To: | Laurenz Albe <laurenz(dot)albe(at)cybertec(dot)at>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Robert Haas <robertmhaas(at)gmail(dot)com> |
| Cc: | Andrew Dunstan <andrew(at)dunslane(dot)net>, David Rowley <dgrowleyml(at)gmail(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: can we mark upper/lower/textlike functions leakproof? |
| Date: | 2024-08-01 13:54:52 |
| Message-ID: | e42ce45b-e9c3-4680-bbc4-b59c32cfc7d0@joeconway.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 8/1/24 07:17, Laurenz Albe wrote:
> On Wed, 2024-07-31 at 14:43 -0400, Joe Conway wrote:
>> I still maintain that there is a whole host of users that would accept
>> the risk of side channel attacks via existence of an error or not, if
>> they could only be sure nothing sensitive leaks directly into the logs
>> or to the clients. We should give them that choice.
>
> I think that you are right.
thanks
> But what do you tell the users who would not accept that risk?
Document that the option should not be used if that is the case
¯\_(ツ)_/¯
--
Joe Conway
PostgreSQL Contributors Team
RDS Open Source Databases
Amazon Web Services: https://aws.amazon.com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Joe Conway | 2024-08-01 14:05:44 | Re: can we mark upper/lower/textlike functions leakproof? |
| Previous Message | Oleg Tselebrovskiy | 2024-08-01 13:37:12 | Re: Why is citext/regress failing on hamerkop? |