| From: | "Mark Woodward" <pgsql(at)mohawksoft(dot)com> |
|---|---|
| To: | "Q Beukes" <pgsql-dev(at)list(dot)za(dot)net> |
| Cc: | "Postgresql Dev" <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: pg_hba.conf alternative |
| Date: | 2006-02-08 13:53:25 |
| Message-ID: | 18892.24.91.171.78.1139406805.squirrel@mail.mohawksoft.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
> Hello,
>
> Is there not some other alternative to pg_hba.conf?
>
> I have the problem where the system administrators at our company
> obviously have access to the whole filesystem, and our database records
> needs to be hidden even from them.
If they have full access, then they have FULL access.
>
> With pg_hba.conf that is not possible, as they just change all the conf
> lines to "trust" auth and viola they have access to the database without
> passwords.
You are looking for a security that can not exit in your scenario.
>
> Is there a more secure alternative to this? The perfect scenario being
> to deny everyone include "root" access to a database without a password.
>
They only way to secure data is to remove all access to it. If you don't
trust your admins, then you have the wrong admins.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruce Momjian | 2006-02-08 14:00:46 | Re: Audio interview |
| Previous Message | Andrew Dunstan | 2006-02-08 13:32:23 | Re: pg_hba.conf alternative |