| From: | Marcin Kasperski <Marcin(dot)Kasperski(at)softax(dot)com(dot)pl> |
|---|---|
| To: | pgsql-admin(at)postgresql(dot)org |
| Subject: | Re: Postgres security issue - protecting datafiles |
| Date: | 2008-06-04 16:09:48 |
| Message-ID: | 87lk1lrxkj.fsf@softax.com.pl |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
> Now, I think that "db authentication" is simply not enough , because
> the administrator can copy the data files to his own machine (where he
> is the owner of the database).
Or just change pg_hba.conf to his taste....
> Is there a way to protect the data files, so even the "malicious
> administrator" cannot see the data ?
Encrypt it. And keep the key on some other machine. And plan your
application so decryption happens on some other machine
--
----------------------------------------------------------------------
| Marcin Kasperski | Communication takes place between people,
| http://mekk.waw.pl | documents are secondary. (Booch)
| |
----------------------------------------------------------------------
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2008-06-04 16:11:50 | Re: Postgres security issue - protecting datafiles |
| Previous Message | Tino Schwarze | 2008-06-04 16:03:16 | Re: Postgres security issue - protecting datafiles |