ygerzhedovich edited a comment on pull request #8947: URL: https://github.com/apache/ignite/pull/8947#issuecomment-810300453
Hello @nizhikov Query plan contains table names and fields which are part of the schema. Schema could be treated as sensitive. Data is most important and is a compromise target for attackers. Schema is at best an information leak. That said, databases themselves typically treat schema metadata at a different and higher privilege level than the data, not without reason. Schema provides attackers with useful hints. And a user with privileges to see schema can almost always see data, while users with privileges to see data may not be able to see schema. So schema should not be considered unnecessary to protect. But data is most important. Also, I know cases, when some companies (e.g. most of Banks) can't share logs thats, contains any information related to data schema. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected]
