Skip site navigation (1) Skip section navigation (2)

Re: Postgres security issue - protecting datafiles

From: Michael Monnerie <michael(dot)monnerie(at)is(dot)it-management(dot)at>
To: pgsql-admin(at)postgresql(dot)org
Subject: Re: Postgres security issue - protecting datafiles
Date: 2008-06-11 07:43:04
Message-ID: (view raw, whole thread or download thread mbox)
Lists: pgsql-admin
On Dienstag, 10. Juni 2008 Zvi Fer wrote:
> I have another solution, which i tried to avoid : my company provides
> file/folder-level encryption . i can apply this encryption with
> specific configuration for the postgres processes . this way - even
> the root cannot access the data, the only one that can access the
> database-files is the owner of the database (which can be the DBA ,
> but can be some1 else as well...)

And where is the decrypt key stored? If you crypt a folder, you need the 
key, but root must be able to access the key - or is it hard coded into 

mfg zmi
// Michael Monnerie, Ing.BSc    -----
// Tel: 0660 / 415 65 31                      .network.your.ideas.
// PGP Key:         "curl -s | gpg --import"
// Fingerprint: AC19 F9D5 36ED CD8A EF38  500E CE14 91F7 1C12 09B4
// Keyserver:                   Key-ID: 1C1209B4

In response to

pgsql-admin by date

Next:From: Michael MonnerieDate: 2008-06-11 07:54:58
Subject: Re: Disk Space issue
Previous:From: Devendra Singh RawatDate: 2008-06-11 07:42:45
Subject: Re: Disk Space issue

Privacy Policy | About PostgreSQL
Copyright © 1996-2017 The PostgreSQL Global Development Group