dbcpp 20 days ago | on: Your Supabase is public if you turn off RLS
Related to this, I've been wondering how much we should actually be depending on RLS for. There are known timing attacks against it [1].
[1] https://www.cs.tau.ac.il/~mad/publications/sigmod2023-rls.pd...