bobozi-cmd commented on issue #721: URL: https://github.com/apache/incubator-teaclave/issues/721#issuecomment-1778900615
One condition is that attacker cannot select plaintext from table, but can select result of some operations like SUM, AVG etc. For protection someone‘s data, DB will filter result after SQL to avoid data source only one row. Attacker may not know any data in DB, but can use == to guess existed id and use SUM(n) and SUM(n-1) to compute target data. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@teaclave.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: notifications-unsubscr...@teaclave.apache.org For additional commands, e-mail: notifications-h...@teaclave.apache.org
