Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1sZToJ-001IDb-Mt for pgsql-hackers@arkaria.postgresql.org; Thu, 01 Aug 2024 11:17:31 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.94.2) (envelope-from ) id 1sZToG-0083Hx-IE for pgsql-hackers@arkaria.postgresql.org; Thu, 01 Aug 2024 11:17:28 +0000 Received: from makus.postgresql.org ([2001:4800:3e1:1::229]) by malur.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1sZToG-0083HG-4v for pgsql-hackers@lists.postgresql.org; Thu, 01 Aug 2024 11:17:28 +0000 Received: from mail-ej1-x62e.google.com ([2a00:1450:4864:20::62e]) by makus.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.94.2) (envelope-from ) id 1sZToD-002XEq-Jc for pgsql-hackers@lists.postgresql.org; Thu, 01 Aug 2024 11:17:26 +0000 Received: by mail-ej1-x62e.google.com with SMTP id a640c23a62f3a-a728f74c23dso899962166b.1 for ; Thu, 01 Aug 2024 04:17:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cybertec-at.20230601.gappssmtp.com; s=20230601; t=1722511044; x=1723115844; darn=lists.postgresql.org; h=mime-version:user-agent:content-transfer-encoding:references :in-reply-to:date:cc:to:from:subject:message-id:from:to:cc:subject :date:message-id:reply-to; bh=gpLPxwZnkFr68ap0zhUn1mmTs4UMV4jwe577olDSsL0=; b=frQJBFsyTtXRk7QLgytfZfyG5ikuaLNcvy1K6ePHgNBuGN5fkjbOBwJvRrXixzAL9R Icu6ISWXBppQ24XRF0bttvmP3Qilh6shLMbPyXaaTrEIh/IkOf++Zp7DgG1BGIQvapO9 ZEqZ5FrZj9tjy3+FRrrosved34/T4SgbreXyYEazOdad9+dxYxC8+kldiDDELu/lNAsC AlVq8OoRIRK1StKq8uHW3mX0Lk1ndJfjBxtcN/jsWGDrvBSr+imwAZeQjAptT6hAIqop tDihGjqqa81TwQ6kRJ0BWIigQdDoZUN1wkzou0rH2qix7SkeXbXwFdjCbe6+Kt1IcBxc 9Zzg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722511044; x=1723115844; h=mime-version:user-agent:content-transfer-encoding:references :in-reply-to:date:cc:to:from:subject:message-id:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=gpLPxwZnkFr68ap0zhUn1mmTs4UMV4jwe577olDSsL0=; b=TXOklNTLKidJy+02oxjqu4FJHYdlYFcVOSFKRVHIDrAoJ7RZdaPf76FwAKjj5ccY81 XkYxhZl6TgvQrQKshUNr7PiEfRK0kebQmExL4WmARd72+8R4XVVfMWMdyuxL3lF+xS2+ O4GG54sy/z80lzzDLEEHAem1SauD0/FhXdZsbI6Rxnyxoagxy/UcJ/bXufaLCu0oFb3v ou9vTAzrg7SzMegk3GTJqcr/N3Zv/KJBcaZL/TNFsUnJg19/3HDl7bYV0MotdX6DN7oC WpprO0xoWi09F8n6Gzl1hMpgjsaDvyM+JgnOzN+tntAAqrnvVZnqP7YE73GxGffYi48q Hv5w== X-Forwarded-Encrypted: i=1; AJvYcCWMbWTRwEP/okKGfioi8Bt0Rl2xP15RqIeXIrhg6///WHJBGtyhoO2UXp1coTdQQJ3eFnL7uaW82dWIyE+010tmgVZ2nkC1IUGiVFToKC3yIks3 X-Gm-Message-State: AOJu0YwBXSzBEXllPQKJRHo6JbjRf4GhcCL2Wtp/1UrBOreTuUkOh1GZ ffyUAoMGLexUGw2YEPgGb/leaHZyZNA+jcAM7c2zEnQkdtkqCg7vnl0K24BUse8= X-Google-Smtp-Source: AGHT+IF7UiM3XhAiC5Bam5qjG6ZTu2Cf2DCE93hPm+9E27nVDHzDwC452LE7UMSATffnaK1O3Tmshg== X-Received: by 2002:a17:907:2d8b:b0:a72:7fea:5800 with SMTP id a640c23a62f3a-a7dafd63b44mr142453966b.63.1722511043468; Thu, 01 Aug 2024 04:17:23 -0700 (PDT) Received: from dynamic-pd01.res.v6.highway.a1.net ([2001:871:5e:b649:c6de:9782:8179:eaa8]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-a7acadb8361sm880291466b.207.2024.08.01.04.17.22 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 01 Aug 2024 04:17:22 -0700 (PDT) Message-ID: <13ec5d8fc5e3c58053a8762634a4921e3387f57d.camel@cybertec.at> Subject: Re: can we mark upper/lower/textlike functions leakproof? From: Laurenz Albe To: Joe Conway , Tom Lane , Robert Haas Cc: Andrew Dunstan , David Rowley , PostgreSQL Hackers Date: Thu, 01 Aug 2024 13:17:22 +0200 In-Reply-To: <70b9e758-1050-4365-9d67-cc826faaf6a9@joeconway.com> References: <50d3a76e-afaa-44ed-aef5-6fb7f23cccab@dunslane.net> <5bef8bb0-7a50-4bcf-b052-2a12c3cda0f5@joeconway.com> <3416373.1722449026@sss.pgh.pa.us> <70b9e758-1050-4365-9d67-cc826faaf6a9@joeconway.com> Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable User-Agent: Evolution 3.52.3 (3.52.3-1.fc40) MIME-Version: 1.0 List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk On Wed, 2024-07-31 at 14:43 -0400, Joe Conway wrote: > I still maintain that there is a whole host of users that would accept= =20 > the risk of side channel attacks via existence of an error or not, if=20 > they could only be sure nothing sensitive leaks directly into the logs= =20 > or to the clients. We should give them that choice. I think that you are right. But what do you tell the users who would not accept that risk? Yours, Laurenz Albe