| From: | "Joshua D(dot) Drake" <jd(at)commandprompt(dot)com> |
|---|---|
| To: | nrdb <postgresql(at)butterflystitches(dot)com(dot)au> |
| Cc: | postgresql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: database file encryption. |
| Date: | 2011-10-22 15:37:51 |
| Message-ID: | 4EA2E34F.6090508@commandprompt.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 10/21/2011 05:42 PM, nrdb wrote:
>
> Hi,
>
> I am new to this list. I haven't ever contributed code before, and have
> no idea on how to do this.
>
> I have made some changes to my copy of the 9.1.1 code that
> encrypts/decrypts the database files on the fly using AES256 cypher.
Very cool.
>
> It passes all the tests. :-)
>
> The changes are limited to :
> src/backend/storage/file/fd.c
> src/backend/storage/file/buffile.c
> src/backend/libpq/be-fsstubs.c
Are you willing to submit a patch for people to review? I am not sure if
the community would want this as backend code or not but it is
definitely something to discuss.
>
> At the moment the password has been hardcoded into the source, I don't
> know how to get it passed in atm.
I think the easiest way would be to look at the startup code that
launches postmaster. If it detecs that the files are encrypted it would
prompt for the passphrase.
Others might have different ideas.
JD
>
>
--
Command Prompt, Inc. - http://www.commandprompt.com/
PostgreSQL Support, Training, Professional Services and Development
The PostgreSQL Conference - http://www.postgresqlconference.org/
@cmdpromptinc - @postgresconf - 509-416-6579
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andres Freund | 2011-10-22 15:54:14 | Re: So, is COUNT(*) fast now? |
| Previous Message | Tom Lane | 2011-10-22 15:28:07 | Re: Synchronized snapshots versus multiple databases |