From: | "Moon, Insung" <tsukiwamoon(dot)pgsql(at)gmail(dot)com> |
---|---|
To: | Bruce Momjian <bruce(at)momjian(dot)us> |
Cc: | PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: Transparent Data Encryption (TDE) and encrypted files |
Date: | 2019-10-09 05:34:24 |
Message-ID: | CAEMmqBu+PWgH8zUTBWNfg9chy8Ga1+08oSu-DTR0w+bM8x7=Vw@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
Dear hackers.
First, I don't know which email thread should written a reply,
therefore using the first email thread.
Sorry about the inconvenience...
Sawada-san and I have previously researched the PostgreSQL database
cluster file that contains user data.
The result has been updated to the WIKI page[1], so share it here.
This result is simply a list of files that contain user data, so we
can think of it as the first step in classifying which files are
encrypted.
About the SLUR file that we have talked about so far, I think that
discussions are in progress on the necessity of encryption, and I hope
that this discussion will be useful.
#In proceeding with the current development, we specified an encrypted
file using the list above.
If the survey results are different, it would be a help for this
project if correct to the WIKI page.
Best regards.
Moon.
On Tue, Oct 1, 2019 at 6:26 AM Bruce Momjian <bruce(at)momjian(dot)us> wrote:
>
> For full-cluster Transparent Data Encryption (TDE), the current plan is
> to encrypt all heap and index files, WAL, and all pgsql_tmp (work_mem
> overflow). The plan is:
>
> https://wiki.postgresql.org/wiki/Transparent_Data_Encryption#TODO_for_Full-Cluster_Encryption
>
> We don't see much value to encrypting vm, fsm, pg_xact, pg_multixact, or
> other files. Is that correct? Do any other PGDATA files contain user
> data?
>
> --
> Bruce Momjian <bruce(at)momjian(dot)us> http://momjian.us
> EnterpriseDB http://enterprisedb.com
>
> + As you are, so once was I. As I am, so you will be. +
> + Ancient Roman grave inscription +
>
>
From | Date | Subject | |
---|---|---|---|
Next Message | Antonin Houska | 2019-10-09 05:42:56 | Re: Transparent Data Encryption (TDE) and encrypted files |
Previous Message | Tom Lane | 2019-10-09 05:31:13 | Re: WIP: raise error when submitting invalid ALTER SYSTEM command |