Home > mailing lists

Re: can we mark upper/lower/textlike functions leakproof? - Mailing list pgsql-hackers

From	Joe Conway
Subject	Re: can we mark upper/lower/textlike functions leakproof?
Date	August 1 16:54:52
Msg-id	e42ce45b-e9c3-4680-bbc4-b59c32cfc7d0@joeconway.com Whole thread Raw
In response to	Re: can we mark upper/lower/textlike functions leakproof? (Laurenz Albe <laurenz.albe@cybertec.at>)
Responses	Re: can we mark upper/lower/textlike functions leakproof?
List	pgsql-hackers

Tree view

On 8/1/24 07:17, Laurenz Albe wrote:
> On Wed, 2024-07-31 at 14:43 -0400, Joe Conway wrote:
>> I still maintain that there is a whole host of users that would accept 
>> the risk of side channel attacks via existence of an error or not, if 
>> they could only be sure nothing sensitive leaks directly into the logs 
>> or to the clients. We should give them that choice.
> 
> I think that you are right.

thanks

> But what do you tell the users who would not accept that risk?

Document that the option should not be used if that is the case

¯\_(ツ)_/¯

-- 
Joe Conway
PostgreSQL Contributors Team
RDS Open Source Databases
Amazon Web Services: https://aws.amazon.com

pgsql-hackers by date:

From: Oleg Tselebrovskiy
Date: 01 August, 16:37:12
Subject: Re: Why is citext/regress failing on hamerkop?

From: Joe Conway
Date: 01 August, 17:05:44
Subject: Re: can we mark upper/lower/textlike functions leakproof?

Re: can we mark upper/lower/textlike functions leakproof? - Mailing list pgsql-hackers

Previous

Next