Re: Two-phase commit security restrictions - Mailing list pgsql-hackers

From Oliver Jowett
Subject Re: Two-phase commit security restrictions
Date
Msg-id 416E0CD3.1030104@opencloud.com
In response to Re: Two-phase commit security restrictions  (David Garamond <lists@zara.6.isreserved.com>)
List pgsql-hackers
David Garamond wrote:

>> So it is possible for a user connected to the DB to send random commit
>> or cancel commands, just in case she happens to hit a valid GID?
> 
> 
> It is not essentially different from someone trying to bruteforce a 
> password. A 128bit value like a random GUID is as strong as a 16 char 
> password comprising ASCII 0-255 characters. And I would argue that this 
> is _not_ security through obscurity. Security through obscurity is 
> relying on unpublished methods/algorithms. This is not.

You have no guarantees that GIDs generated by an external transaction 
manager are random. An obvious implementation is TM-identity plus 
sequence number, which is very predictable.

-O
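
An added example, not part of the message above or of PostgreSQL: a small audit that checks whether a set of observed GIDs follows the "TM-identity plus sequence number" shape, next to a GID drawn from a CSPRNG. The function names, the prefix-plus-decimal-counter format and the sample GIDs are assumptions constructed for illustration.

```python
import re
import secrets
from collections import defaultdict

# Assumed shape of a predictable GID: arbitrary prefix + trailing decimal counter.
_TAIL = re.compile(r"^(.*?)(\d+)$")


def random_gid() -> str:
    """128 bits from the OS CSPRNG, hex-encoded (the random-GUID case)."""
    return secrets.token_hex(16)


def find_predictable_gids(gids, min_group=3, max_gap=16):
    """Return {prefix: sorted counters} for GIDs that look like prefix+sequence.

    A prefix is flagged when at least `min_group` distinct counters share it
    and every gap between consecutive counters is <= `max_gap`.
    """
    groups = defaultdict(set)
    for gid in gids:
        m = _TAIL.match(gid)
        if m:  # GIDs without a trailing number cannot be counter-based
            groups[m.group(1)].add(int(m.group(2)))

    flagged = {}
    for prefix, counters in groups.items():
        seq = sorted(counters)
        if len(seq) < min_group:
            continue
        gaps = [b - a for a, b in zip(seq, seq[1:])]
        if max(gaps) <= max_gap:
            flagged[prefix] = seq
    return flagged


# Constructed sample: one TM issuing identity+counter GIDs, mixed with random ones.
SAMPLE_GIDS = ["tm-node7:1041", "tm-node7:1042", "tm-node7:1044", "tm-other:5"]
SAMPLE_GIDS += [random_gid() for _ in range(50)]

if __name__ == "__main__":
    for prefix, seq in find_predictable_gids(SAMPLE_GIDS).items():
        print(f"predictable GID family {prefix!r}: counters {seq}")
```

A flagged prefix means the GID alone should not be treated as a secret for that transaction manager; access to commit or roll back a prepared transaction then needs a separate authorization check.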

