On 07/06/10 10:30, KaiGai Kohei wrote:
> (2010/06/07 15:48), Heikki Linnakangas wrote:
>> There's many side channels like exposing row counts in EXPLAIN and
>> statistics and timing attacks, that are not as critical, because they
>> don't let expose all data, and the attacker can't accurately choose what
>> data is exposed. Those are not as important.
>>
> It also means; because they can provide much smaller bandwidth to leak
> invisible information than error messages, these are not as important.
> Is it right?
The big difference is what information can be obtained, not how fast it can be obtained. Imagine a table that holds username/passwords for users. Each user is allowed to see his own row, including password, but not anyone else's. EXPLAIN side-channel might give pretty accurate information of how many rows there are in the table, and via clever EXPLAIN+statistics probing you might be able to find out what the top-10 passwords are, for example. But if you wanted to know what your neighbor's password is, the side-channels would not help you much, but an error message would reveal it easily.

--
Heikki Linnakangas
EnterpriseDB http://www.enterprisedb.com
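A constructed SQL illustration of the error/notice channel described above, with the row-filtering view beside its hardened form; this is an added example, not code from the thread, and it assumes PostgreSQL 9.2 or newer, since security_barrier views and LEAKPROOF postdate this 2010 discussion.

```sql
-- Constructed demo table: each user is meant to see only their own row.
CREATE TABLE accounts (username text PRIMARY KEY, password text);
INSERT INTO accounts VALUES ('alice', 'hunter2'), ('bob', '12345678');

-- Ordinary view: the row filter is just another WHERE clause to the planner.
CREATE VIEW my_account AS
    SELECT username, password FROM accounts
    WHERE username = current_user;

-- A cheap, non-LEAKPROOF function that reports whatever value it is handed.
-- An error message would serve the same purpose; RAISE NOTICE is used here
-- so the demo keeps running.
CREATE FUNCTION reveal(text) RETURNS boolean LANGUAGE plpgsql COST 1 AS $$
BEGIN
    RAISE NOTICE 'saw: %', $1;
    RETURN true;
END $$;

-- Leaky: the planner may evaluate reveal() before the username filter, so
-- passwords from rows the caller is not allowed to see reach the function.
SELECT * FROM my_account WHERE reveal(password);

-- Hardened: security_barrier forces the view's own WHERE clause to be
-- applied first; only functions marked LEAKPROOF may be pushed below it.
CREATE VIEW my_account_sb WITH (security_barrier = true) AS
    SELECT username, password FROM accounts
    WHERE username = current_user;

-- Now only the caller's own row ever reaches reveal().
SELECT * FROM my_account_sb WHERE reveal(password);
```

Run both SELECTs as a role named alice and compare the NOTICE output: the first view can emit bob's password, the security_barrier view emits only alice's.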