> Hello,
>
> Is there not some other alternative to pg_hba.conf?
>
> I have the problem where the system administrators at our company
> obviously have access to the whole filesystem, and our database records
> needs to be hidden even from them.
If they have full access, then they have FULL access.
>
> With pg_hba.conf that is not possible, as they just change all the conf
> lines to "trust" auth and viola they have access to the database without
> passwords.
You are looking for a security that can not exit in your scenario.
>
> Is there a more secure alternative to this? The perfect scenario being
> to deny everyone include "root" access to a database without a password.
>
They only way to secure data is to remove all access to it. If you don't
trust your admins, then you have the wrong admins.
