Home > mailing lists

Re: FPW compression leaks information - Mailing list pgsql-hackers

From	Heikki Linnakangas
Subject	Re: FPW compression leaks information
Date	April 13, 2015 03:38:41
Msg-id	552B1008.8020007@iki.fi Whole thread Raw
In response to	Re: FPW compression leaks information (Robert Haas <robertmhaas@gmail.com>)
Responses	Re: FPW compression leaks information Re: FPW compression leaks information Re: FPW compression leaks information
List	pgsql-hackers

Tree view

On 04/10/2015 05:17 AM, Robert Haas wrote:
> On Apr 9, 2015, at 8:51 PM, Heikki Linnakangas <hlinnaka@iki.fi> wrote:
>> What should we do about this?
>
> I bet that there are at least 1000 covert channel attacks that are more practically exploitable than this.

Care to name some? This is certainly quite cumbersome to exploit, but 
it's doable.

We've talked a lot about covert channels and timing attacks on RLS, but 
this makes me more worried because you can attack passwords stored in 
pg_authid.

- Heikki

pgsql-hackers by date:

From: Alvaro Herrera
Date: 13 April 2015, 03:00:15
Subject: Re: moving from contrib to bin

From: Michael Paquier
Date: 13 April 2015, 03:48:39
Subject: Re: FPW compression leaks information

Re: FPW compression leaks information - Mailing list pgsql-hackers

Previous

Next