Re: Regd. the Implementation of Wallet (in Oracle) config equivalent in postgreSQL whilst the database migration

From: "Peter J(dot) Holzer" <hjp-pgsql(at)hjp(dot)at>
To: pgsql-general(at)lists(dot)postgresql(dot)org
Subject: Re: Regd. the Implementation of Wallet (in Oracle) config equivalent in postgreSQL whilst the database migration
Date: 2022-12-22 09:46:22
Message-ID: 20221222094622.y26t5reutijwnlop@hjp.at
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general

On 2022-12-22 09:17:18 +0100, Rainer Duffner wrote:
> Am 22.12.2022 um 00:57 schrieb Benedict Holland <
> benedict(dot)m(dot)holland(at)gmail(dot)com>:
>
> If someone has root, I don't know how they also don't have your
> encryption keys.
>
>
> They are not on the same box. They are in a HSM. A dedicated piece of
> tamper-proof hardware that stores secrets (keys).
> The Oracle-server needs to talk to the HSM to get the keys.

If the hacker has root access: What prevents them from talking to the
HSM?

hp

--
_ | Peter J. Holzer | Story must make more sense than reality.
|_|_) | |
| | | hjp(at)hjp(dot)at | -- Charles Stross, "Creative writing
__/ | http://www.hjp.at/ | challenge!"

In response to

Responses

Browse pgsql-general by date

  From Date Subject
Next Message Rainer Duffner 2022-12-22 10:15:57 Re: Regd. the Implementation of Wallet (in Oracle) config equivalent in postgreSQL whilst the database migration
Previous Message Rainer Duffner 2022-12-22 08:17:18 Re: Regd. the Implementation of Wallet (in Oracle) config equivalent in postgreSQL whilst the database migration