From: | Bruce Momjian <bruce(at)momjian(dot)us> |
---|---|
To: | Tomas Vondra <tomas(dot)vondra(at)2ndquadrant(dot)com> |
Cc: | "Moon, Insung" <tsukiwamoon(dot)pgsql(at)gmail(dot)com>, Magnus Hagander <magnus(at)hagander(dot)net>, Tels <nospam-pg-abuse(at)bloodgate(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: Transparent Data Encryption (TDE) and encrypted files |
Date: | 2019-10-01 14:51:32 |
Message-ID: | 20191001145132.GA11619@momjian.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On Tue, Oct 1, 2019 at 03:48:31PM +0200, Tomas Vondra wrote:
> IMO leaks of sensitive data into the server log (say, as part of error
> messages, slow queries, ...) are a serious issue. It's one of the main
> issues with pgcrypto-style encryption, because it's trivial to leak e.g.
> keys into the server log. Even if proper key management prevents leaking
> keys, there are still user data - say, credit card numbers, and such.
Fortunately, the full-cluster encryption keys are stored encrypted in
pg_control and are never accessible unencrypted at the SQL level.
--
Bruce Momjian <bruce(at)momjian(dot)us> http://momjian.us
EnterpriseDB http://enterprisedb.com
+ As you are, so once was I. As I am, so you will be. +
+ Ancient Roman grave inscription +
From | Date | Subject | |
---|---|---|---|
Next Message | Tomas Vondra | 2019-10-01 14:57:58 | Re: Optimize partial TOAST decompression |
Previous Message | Fabien COELHO | 2019-10-01 14:48:33 | Re: pgbench - allow to create partitioned tables |