Heikki Linnakangas <heikki.linnakangas@enterprisedb.com> wrote:
> Greg Stark wrote:
> > It would still protect against offline attacks such as against backup files.
>
> True, but filesystem-level encryption handles that scenario with less pain.
Yes, I intended offline attacks, and also agree that ilesystem-level
encryption will be a solution. However, as I wrote in the first mail,
standard users want to avoid encrypted filesystems that are not maintained
or supported officially.
I just suggested postgres to have an alternative solution of filesystem-level
encryption or infrastructure providing easy way to define new types that
have only difference in typin/typout attributes, such as CREATE TYPE INHERITS
or CREATE DOMAIN WITH INPUT/OUTPUT. It is too difficult for standard users to
define operators and index support methods.
Regards,
---
ITAGAKI Takahiro
NTT Open Source Software Center
