Skip to content

P
Postgres FD Implementation
Commit c2e5f4d1 authored by Fujii Masao's avatar Fujii Masao
Browse files
Options

Make wal_compression PGC_SUSET rather than PGC_USERSET. 

When enabling wal_compression, there is a risk to leak data similarly to
the BREACH and CRIME attacks on SSL where the compression ratio of
a full page image gives a hint of what is the existing data of this page.
This vulnerability is quite cumbersome to exploit in practice, but doable.

So this patch makes wal_compression PGC_SUSET in order to prevent
non-superusers from enabling it and exploiting the vulnerability while
DBA thinks the risk very seriously and disables it in postgresql.conf.

Back-patch to 9.5 where wal_compression was introduced.
parent 23b89288
Hide whitespace changes
Inline Side-by-side
Showing with 2 additions and 1 deletion
doc/src/sgml/config.sgml
View file @ c2e5f4d1
...@@ -2303,6 +2303,7 @@ include_dir 'conf.d' ...@@ -2303,6 +2303,7 @@ include_dir 'conf.d'
<xref linkend="guc-full-page-writes"> is on or during a base backup. <xref linkend="guc-full-page-writes"> is on or during a base backup.
A compressed page image will be decompressed during WAL replay. A compressed page image will be decompressed during WAL replay.
The default value is <literal>off</>. The default value is <literal>off</>.
Only superusers can change this setting.
</para> </para>
<para> <para>
......
src/backend/utils/misc/guc.c
View file @ c2e5f4d1
...@@ -995,7 +995,7 @@ static struct config_bool ConfigureNamesBool[] = ...@@ -995,7 +995,7 @@ static struct config_bool ConfigureNamesBool[] =
}, },
{ {
{"wal_compression", PGC_USERSET, WAL_SETTINGS, {"wal_compression", PGC_SUSET, WAL_SETTINGS,
gettext_noop("Compresses full-page writes written in WAL file."), gettext_noop("Compresses full-page writes written in WAL file."),
NULL NULL
}, },
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment