| From: | Fujii Masao <fujii(at)postgresql(dot)org> |
|---|---|
| To: | pgsql-committers(at)postgresql(dot)org |
| Subject: | pgsql: Make wal_compression PGC_SUSET rather than PGC_USERSET. |
| Date: | 2015-07-09 13:31:58 |
| Message-ID: | E1ZDBvi-0003jJ-J0@gemulon.postgresql.org |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers |
Make wal_compression PGC_SUSET rather than PGC_USERSET.
When enabling wal_compression, there is a risk to leak data similarly to
the BREACH and CRIME attacks on SSL where the compression ratio of
a full page image gives a hint of what is the existing data of this page.
This vulnerability is quite cumbersome to exploit in practice, but doable.
So this patch makes wal_compression PGC_SUSET in order to prevent
non-superusers from enabling it and exploiting the vulnerability while
DBA thinks the risk very seriously and disables it in postgresql.conf.
Back-patch to 9.5 where wal_compression was introduced.
Branch
------
master
Details
-------
http://git.postgresql.org/pg/commitdiff/c2e5f4d1c16faa84a19906706481cf149769f320
Modified Files
--------------
doc/src/sgml/config.sgml | 1 +
src/backend/utils/misc/guc.c | 2 +-
2 files changed, 2 insertions(+), 1 deletion(-)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Fujii Masao | 2015-07-09 13:52:57 | pgsql: Fix obsolete comment regarding NOTICE message level. |
| Previous Message | Heikki Linnakangas | 2015-07-09 13:18:38 | pgsql: Use --debug flag in "remote" pg_rewind regression tests. |