On Wed, Apr 15, 2015 at 2:22 PM, Fujii Masao wrote:
> On Wed, Apr 15, 2015 at 11:55 AM, Michael Paquier wrote:
>> 1) Doc patch to mention that it is possible that compression can give
>> hints to attackers when working on sensible fields that have a
>> non-fixed size.
>
> I think that this patch is enough as the first step.
I'll get something done for that at least, a big warning below the
description of wal_compression would do it.
>> 2) Switch at relation level to control wal_compression.
>
> ALTER TABLE SET is not allowed on system catalog like pg_authid. So should we
> change it so that a user can change the flag even on system catalog? I'm afraid
> that the change might cause another problem, though. Probably we can disable
> the compression on every system catalogs by default. But I can imagine that
> someone wants to enable the compression even on system catalog. For example,
> pg_largeobject may cause lots of FPW.
We could enforce a value directly in pg_class.h for only pg_authid if
we think that it is a problem that bad, and rely on the default system
value for the rest. That's a hacky-ugly approach though...
--
Michael
