Skip site navigation (1) Skip section navigation (2)

Re: Preventing OS administrator/root account access to data

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: chris(dot)jurado(at)primesoft(dot)ph
Cc: pgsql-admin(at)postgresql(dot)org
Subject: Re: Preventing OS administrator/root account access to data
Date: 2009-08-14 23:09:31
Message-ID: 1044.1250291371@sss.pgh.pa.us (view raw or flat)
Thread:
Lists: pgsql-admin
"chris.jurado" <chris(dot)jurado(at)primesoft(dot)ph> writes:
> Let's say in a commercial environment where you install the database in a customer's server and their IT people have admin/root access to this server. How can we make sure that they don't get direct access to the database (e.g. like editing pg_hba.conf and setting it to trust). We don't like them messing up with our data and the postgresql configuration. Otherwise, it would be very difficult to support them if any problem arises. Is there a way to disable reading of the pg_hba.conf or maybe preventing the admin/root from modifying configuration files? any suggestions? this applies to both linux and windows.

This fantasy has been discussed before.  You cannot protect the database
against someone who has root privileges on the box; if you believe
anyone who tells you otherwise, I have a nice bridge I'd like to sell
you.

Put it on a machine where you do trust the admins, instead.

In commercial contexts, the more usual procedure is to put appropriate
restrictions into the contract.  "Warranty void if seal is broken", etc.

			regards, tom lane

In response to

pgsql-admin by date

Next:From: OldManRiverDate: 2009-08-17 15:26:26
Subject: Re: Just Forgot
Previous:From: Scott MarloweDate: 2009-08-14 20:06:13
Subject: Re: Postgres is eating up all my memory

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group