| From: | oleg yusim <olegyusim(at)gmail(dot)com> |
|---|---|
| To: | PostgreSQL General <pgsql-general(at)postgresql(dot)org> |
| Subject: | Shared system resources |
| Date: | 2015-12-22 22:52:23 |
| Message-ID: | CAKd4e_GNsLAArBPS9eihBzDD=0+xEgE_ArinnXLaqWJLmkkWrQ@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Greetings,
I'm looking at the following security control right now:
*The DBMS must prevent unauthorized and unintended information transfer via
shared system resources.*
The purpose of this control is to prevent information, including encrypted
representations of information, produced by the actions of a prior
user/role (or the actions of a process acting on behalf of a prior
user/role) from being available to any current user/role (or current
process) that obtains access to a shared system resource (e.g., registers,
main memory, secondary storage) after the resource has been released back
to the information system. Control of information in shared resources is
also referred to as object reuse.
From previous discussions, I understood that session in PostgreSQL is
closely associated with process, and it is essentially new process for
every user connection. In regards to that, my question would be:
When user disconnects, process is terminated and all resources are
released, does memory, session/process stored information at gets
"sanitized" or just released as is?
Thanks,
Oleg
| From | Date | Subject | |
|---|---|---|---|
| Next Message | David Wilson | 2015-12-22 23:21:27 | Re: Shared system resources |
| Previous Message | Melvin Davidson | 2015-12-22 19:31:26 | Re: Table with seemingly duplicated primary key values |