| From: | Craig Ringer <craig(at)postnewspapers(dot)com(dot)au> |
|---|---|
| To: | Kenneth Buckler <kenneth(dot)buckler(at)gmail(dot)com> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: PostgreSQL Trusted Startup |
| Date: | 2010-12-22 00:30:28 |
| Message-ID: | 4D1146A4.2080003@postnewspapers.com.au |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
> We live in a world where compliance is king. Nevermind if compliance
> doesn't actually make the system more secure.
Er .. re my previous post, I don't mean "lie to RH and claim to want to
buy RHEL to get free support". I mean that you should consider going to
management and getting approval for professional support and integration
work from a specialist, because you're going to need it.
Alternately you could do the dodgy Trusted GRUB + signed kernel + signed
initrd with scripted GnuPG verification hack. It'd be a lot better than
nothing if your target server has a TPM you can enable and use for
Trusted GRUB.
--
Craig Ringer
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Fujii Masao | 2010-12-22 01:28:50 | Re: Understanding PG9.0 streaming replication feature |
| Previous Message | Craig Ringer | 2010-12-22 00:28:22 | Re: PostgreSQL Trusted Startup |