[jeltz]

The exploit does not actually destroy the files. It allows appending data to the files making the server crash. The file could be recovered by simply removing the junk data added to it.

From the FAQ:

> Persistent Denial of Service: an unauthenticated attacker may use this vulnerability to cause PostgreSQL error messages to be appended to targeted files in the PostgreSQL data directory on the server. Files corrupted in this way may cause the database server to crash, and to refuse to restart. The database server can be fixed either by editing the files and removing the garbage text, or restoring from backup.

[__alexs]

You actually expect most users to figure that out? Especially if corrupted with stuff that looks vaguely like regular postgres data...

[cheald]

Doesn't matter if they can figure it out or not. The data isn't lost, which is the salient point there. There is the potential for datafile corruption, but that is not the same as data corruption or data loss. All your bits are still there and can be recovered by someone with the right expertise.

[jeltz]

I am not sure, but a couple of things which would make it possible are.

1) PostgreSQL does generally report which file was corrupted.

2) The PostgreSQL log output rarely looks similar to regular data, so it should be obvious to anyone looking what is wrong if they do look at the contents of the file.

And most importantly they can always contact a PostgreSQL expert who could repair it.