Re: [GENERAL] column-level update privs + lock table
From | KaiGai Kohei
---|---
Subject | Re: [GENERAL] column-level update privs + lock table
Date |
Msg-id | 4CF5C832.8040000@ak.jp.nec.com
In reply to | Re: [GENERAL] column-level update privs + lock table (Simon Riggs <simon@2ndQuadrant.com>)
List | pgsql-hackers
(2010/11/30 21:26), Simon Riggs wrote:
> On Mon, 2010-11-29 at 21:37 -0500, Josh Kupershmidt wrote:
>
>> I still see little reason to make LOCK TABLE permissions different for
>> column-level vs. table-level UPDATE privileges
>
> Agreed.
>
> This is the crux of the debate. Why should this inconsistency be allowed
> to continue?
>
> Are there covert channel issues here, KaiGai?
>
The existing database privilege mechanism (and SELinux, etc.) is basically not designed to handle covert channel attacks.

For example, if a user session with column-level UPDATE privilege tries to update a certain column every second depending on the contents of another table X, another session can probably learn the contents of table X by iterating the LOCK command, without SELECT permission.

It is a typical timing channel attack, but it is not a problem that we should try to tackle, is it?

Sorry, I don't have a credible idea to solve this inconsistency right now.

Thanks,
--
KaiGai Kohei <kaigai@ak.jp.nec.com>
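As an added illustration of the timing channel KaiGai describes, and not code from the thread or from the PostgreSQL project, the SQL below sets up two roles: `writer` can read a secret table and holds only column-level UPDATE on a second table, while `prober` holds table-level UPDATE on that second table (which is what LOCK TABLE requires for modes other than ACCESS SHARE) and nothing at all on the secret table. The table, column and role names, and the one-second cadence, are assumptions made for the example. An UPDATE takes a ROW EXCLUSIVE lock on the table for the rest of its transaction, and ACCESS EXCLUSIVE conflicts with it, so a `LOCK TABLE ... NOWAIT` from the prober fails exactly while the writer's conditional update is in flight.

```sql
-- Added example (not from the thread). Names below are assumptions.
-- Setup: run as the table owner or a superuser.
CREATE TABLE secret_x (flag boolean NOT NULL);
CREATE TABLE t (id int PRIMARY KEY, counter int NOT NULL DEFAULT 0);
INSERT INTO secret_x VALUES (true);      -- the bit the prober must not be able to read
INSERT INTO t VALUES (1, 0);

CREATE ROLE writer LOGIN;
CREATE ROLE prober LOGIN;
GRANT SELECT ON secret_x TO writer;      -- writer may read X ...
GRANT UPDATE (counter) ON t TO writer;   -- ... but holds only column-level UPDATE on t
GRANT UPDATE ON t TO prober;             -- table-level UPDATE: enough for LOCK TABLE
                                         -- prober has no privilege on secret_x at all

-- Session A, as writer, issued once per second.
-- The UPDATE needs only UPDATE(counter); it takes ROW EXCLUSIVE on t and the
-- lock is held until the DO block's transaction ends, so t is locked for
-- about half a second only when the secret bit is true.
DO $$
BEGIN
  IF (SELECT flag FROM secret_x) THEN
    UPDATE t SET counter = 1;
    PERFORM pg_sleep(0.5);             -- hold the lock long enough to be observed
  END IF;
END $$;

-- Session B, as prober, issued once per second.
-- ACCESS EXCLUSIVE conflicts with ROW EXCLUSIVE, so NOWAIT fails with
-- "could not obtain lock on relation" while A's update is in flight and
-- succeeds otherwise: one bit of secret_x per probe, with no SELECT on it.
BEGIN;
LOCK TABLE t IN ACCESS EXCLUSIVE MODE NOWAIT;
ROLLBACK;                                -- release our own lock either way
```

The prober never touches `secret_x`; it only observes whether its own lock attempt on `t` succeeds, which is the covert channel the message refers to. Note that the channel exists regardless of whether column-level UPDATE is or is not sufficient for LOCK TABLE, which is KaiGai's point that the privilege system is not the layer that addresses it.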