Re: Postgres security issue - protecting datafiles

From: "Zvi Fer" <zferentz(at)gmail(dot)com>
To: "Tom Lane" <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: pgsql-admin(at)postgresql(dot)org
Subject: Re: Postgres security issue - protecting datafiles
Date: 2008-06-10 07:22:35
Message-ID: 96f635390806100022o11e0d033v782ff30c56391778@mail.gmail.com
Lists: pgsql-admin

Thanks for the input.

I have another solution, which I tried to avoid: my company provides
file/folder-level encryption. I can apply this encryption with specific
configuration for the postgres processes. This way, even the root cannot
access the data; the only one that can access the database files is the
owner of the database (which can be the DBA, but can be someone else as
well...)

I tried to avoid this solution, but now I understand that I don't have any
other choice.
Encrypting the data will be useless, because I cannot SELECT by
text/range/dates....

Thanks

On Wed, Jun 4, 2008 at 7:11 PM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:

> zferentz(at)gmail(dot)com writes:
> > I'd like to use postgres to store my secret data in a way that only
> > me (the DBA, owner of the table) can access the table while the root
> > (system administrator) who installed and maintains the server - will
> > not be able to see the data.
>
> If you think you can hide anything on a machine from its root admin,
> I have a bridge I'd like to sell you ...
>
> The only thing you could do along this line is to use the database as a
> dumb container for encrypted data that you decrypt only on the client
> side, using keys that are never sent to the database server.
> Unfortunately that approach loses most of the benefit of using a
> database in the first place, since you can hardly do any useful
> processing on data that you can't decrypt.
>
> regards, tom lane
>
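
Added example, not part of the original thread: a sketch of the "dumb container" approach from the quoted reply, showing what the server ends up holding and why a server-side SELECT by value or date range stops working. Assumptions: `sqlite3` stands in for the PostgreSQL server, the `payments` table and its rows are constructed, and an HMAC-SHA256 counter-mode stream with encrypt-then-MAC stands in for a vetted AEAD such as AES-GCM so the block runs on the standard library alone.

```python
import hashlib, hmac, os, sqlite3

def _prf(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # HMAC-SHA256 in counter mode as keystream (stdlib stand-in for a vetted AEAD).
    blocks = (len(data) + 31) // 32
    stream = b"".join(_prf(key, nonce + i.to_bytes(4, "big")) for i in range(blocks))
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key: bytes, plaintext: str) -> bytes:
    # Output layout: 16-byte random nonce | ciphertext | 32-byte HMAC tag.
    nonce = os.urandom(16)
    ct = _xor_stream(_prf(key, b"enc"), nonce, plaintext.encode())
    return nonce + ct + _prf(_prf(key, b"mac"), nonce + ct)

def unseal(key: bytes, blob: bytes) -> str:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _prf(_prf(key, b"mac"), nonce + ct)):
        raise ValueError("ciphertext failed authentication")
    return _xor_stream(_prf(key, b"enc"), nonce, ct).decode()

def demo():
    key = os.urandom(32)                  # generated and kept on the client only
    server = sqlite3.connect(":memory:")  # stand-in for the database server
    server.execute("CREATE TABLE payments (id INTEGER PRIMARY KEY, paid_on BLOB)")
    for day in ("2008-01-15", "2008-06-04", "2008-06-10"):  # constructed rows
        server.execute("INSERT INTO payments (paid_on) VALUES (?)", (seal(key, day),))
    # What the server (and its root admin) holds: nonce + ciphertext + tag only.
    stored = [row[0] for row in server.execute("SELECT paid_on FROM payments")]
    # A server-side WHERE cannot match: a fresh nonce makes every encryption differ.
    server_hits = server.execute(
        "SELECT id FROM payments WHERE paid_on = ?", (seal(key, "2008-06-04"),)
    ).fetchall()
    # A date range has to be evaluated on the client after fetching every row.
    rows = server.execute("SELECT id, paid_on FROM payments ORDER BY id")
    client_hits = [i for i, blob in rows if unseal(key, blob) >= "2008-06-01"]
    return stored, server_hits, client_hits, key

if __name__ == "__main__":
    stored, server_hits, client_hits, _ = demo()
    print("server-side matches:", server_hits, "client-side range:", client_hits)
```

The range filter only works after every row has crossed the network and been decrypted, which is the loss of database functionality both messages describe.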
