| From: | Michael Monnerie <michael(dot)monnerie(at)is(dot)it-management(dot)at> |
|---|---|
| To: | pgsql-admin(at)postgresql(dot)org |
| Subject: | Re: Postgres security issue - protecting datafiles |
| Date: | 2008-06-11 07:43:04 |
| Message-ID: | 200806110943.04822@zmi.at |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
On Dienstag, 10. Juni 2008 Zvi Fer wrote:
> I have another solution, which i tried to avoid : my company provides
> file/folder-level encryption . i can apply this encryption with
> specific configuration for the postgres processes . this way - even
> the root cannot access the data, the only one that can access the
> database-files is the owner of the database (which can be the DBA ,
> but can be some1 else as well...)
And where is the decrypt key stored? If you crypt a folder, you need the
key, but root must be able to access the key - or is it hard coded into
software?
mfg zmi
--
// Michael Monnerie, Ing.BSc ----- http://it-management.at
// Tel: 0660 / 415 65 31 .network.your.ideas.
// PGP Key: "curl -s http://zmi.at/zmi.asc | gpg --import"
// Fingerprint: AC19 F9D5 36ED CD8A EF38 500E CE14 91F7 1C12 09B4
// Keyserver: www.keyserver.net Key-ID: 1C1209B4
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Michael Monnerie | 2008-06-11 07:54:58 | Re: Disk Space issue |
| Previous Message | Devendra Singh Rawat | 2008-06-11 07:42:45 | Re: Disk Space issue |