| From: | "Lange Marcus" <marcus(dot)lange(at)saabgroup(dot)com> |
|---|---|
| To: | "Richard Huxton" <dev(at)archonet(dot)com> |
| Cc: | "PG-General Mailing List" <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Local authentication/security |
| Date: | 2007-08-27 08:41:39 |
| Message-ID: | 6F2815FEE7F896458CDE99423F396992012FCA37@corpappl002.corp.saab.se |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
>
> Lange Marcus wrote:
> >> Not that it matters in your case. The password might as well be
> >> "password" - if they get access to the files/application,
> it's game
> >> over.
> >
> > What about having some of the columns encrypted in the database ?
> > Will that improve things abit ?
>
> Not unless you can keep the key protected. If you prevent
> access to a file containing the key then you can do the same
> to the database and application files.
>
>
> Can you tell us what you're trying to do? What are you going
> to deploy, and what threats do you want to protect against?
>
I have some data in an encrypted external dataformat that i wish to
insert into the database and keep some level of protection/security
and prevent/complicate the possibility to read and copy the data, that
is basically it.
Regards Marcus
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Ow Mun Heng | 2007-08-27 09:08:25 | Re: {Spam} pgloader - Can't find textreader/csvreader |
| Previous Message | Marko Kreen | 2007-08-27 08:09:30 | Re: Geographic High-Availability/Replication |