| From: | "Peter J(dot) Holzer" <hjp-pgsql(at)hjp(dot)at> |
|---|---|
| To: | pgsql-general(at)lists(dot)postgresql(dot)org |
| Subject: | Re: Regd. the Implementation of Wallet (in Oracle) config equivalent in postgreSQL whilst the database migration |
| Date: | 2022-12-22 15:58:24 |
| Message-ID: | 20221222155824.db6yaqfmue5o7a4t@hjp.at |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On 2022-12-22 11:15:57 +0100, Rainer Duffner wrote:
>
>
> Am 22.12.2022 um 10:46 schrieb Peter J. Holzer <hjp-pgsql(at)hjp(dot)at>:
>
> If the hacker has root access: What prevents them from talking to the
> HSM?
>
>
>
> I wasn’t involved in setting it up here, but AFAIK you need to „enroll“ the
> client to the HSM.
>
> That is a one-time process that requires HSM credentials (via certificates and
> pass-phrases).
>
> Then, that client can talk to the HSM.
Which means that some sort of access-token is stored on the client.
So what prevents a hacker from using that access token?
> The HSM-client is (or should be) engineered in such a way that you can’t
> extract the encryption-secret easily.
Security by obscurity? Just hope that nobody figures out how that access
token is stored? That doesn't seem like a good strategy against
high-level threats.
hp
--
_ | Peter J. Holzer | Story must make more sense than reality.
|_|_) | |
| | | hjp(at)hjp(dot)at | -- Charles Stross, "Creative writing
__/ | http://www.hjp.at/ | challenge!"
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Takamichi Osumi (Fujitsu) | 2022-12-23 06:03:22 | RE: Support logical replication of DDLs |
| Previous Message | David Gilman | 2022-12-22 12:50:57 | Re: Implementing foreign data wrappers and avoiding n+1 querying |