On Mon, May 24, 2010 at 05:04:10PM -0400, Merlin Moncure wrote: > Let me humbly state that the #1 problem that beginners face with > security and encryption is focusing too much on the mechanics and not > enough on the 'big picture' issues: One more that OP seems to be avoiding is why would anybody want to do this anyway? There are plenty of places that will happily host data for you--most email sites give you many gigabytes of storage these days. Seems to be a solution in search of a problem to me. I think what the OP may be asking is about the presence of "covert channels". There are plenty of these in PG, an attacker can do the obvious things like disguising data inside other data (steganography) or more subtle things like tuple order on disk, transaction orderings, or interactions between running queries (i.e. causing one to pause for a few milliseconds by reading/locking a table). Covert channels seem to be a fundamental fact of nature. As far as I know, though I'm not aware of any papers directly on the subject, it's *always* possible to design a new attack by exploiting the physical implementation of something. Hence any specific tool you design to look for any specific attack can always be avoided in an infinite number of ways, generally negating its purpose. You have to be much more specific in your requirements before useful analysis can be done. What can be done is to reduce the bandwidth of a specific covert channel, and beyond some threshold it *may* be possible to say that "no useful data can be transmitted", but that's about it. If somebody just wants to leak a password/private key a surprisingly few number of bits will go a long way. -- Sam http://samason.me.uk/ -- Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
