Re: [HACKERS] Query cancel and OOB data (fwd)
Bruce Momjian <maillist@candle.pha.pa.us>
From: Bruce Momjian <maillist@candle.pha.pa.us>
To: tgl@sss.pgh.pa.us (Tom Lane)
Cc: hackers@postgreSQL.org
Date: 1998-05-27T04:39:11Z
Lists: pgsql-hackers
> > Bruce Momjian <maillist@candle.pha.pa.us> writes: > >> However, if they are already snooping, how much harder > >> is it for them to insert their own query into the tcp stream? > > > Can someone answer this for me? > > Well, that depends entirely on what your threat model is --- for > example, someone with read access on /dev/kmem on a relay machine > might be able to watch packets going by, yet not be able to inject > more. On the other hand, someone with root privileges on another > machine on your local LAN could likely do both. > > My guess is that most of the plausible cases that allow one also > allow the other. But it's only a guess. > Oh, yes, one more thing. When generating the cancel key, We will have to call random twice and return part of each so users will not see our current random values. When I remove the exec(), people will be able to call random() in the backend to see the random value. May need to reset the seed on backend startup. -- Bruce Momjian | 830 Blythe Avenue maillist@candle.pha.pa.us | Drexel Hill, Pennsylvania 19026 + If your life is a hard drive, | (610) 353-9879(w) + Christ can be your backup. | (610) 853-3000(h)