Re: Transparent Data Encryption (TDE) and encrypted files - Mailing list pgsql-hackers

From Stephen Frost
Subject Re: Transparent Data Encryption (TDE) and encrypted files
Date
Msg-id 20191003144040.GY6962@tamriel.snowman.net
Whole thread Raw
In response to Re: Transparent Data Encryption (TDE) and encrypted files  (Robert Haas <robertmhaas@gmail.com>)
Responses Re: Transparent Data Encryption (TDE) and encrypted files
Re: Transparent Data Encryption (TDE) and encrypted files
Re: Transparent Data Encryption (TDE) and encrypted files
List pgsql-hackers
Greetings,

* Robert Haas (robertmhaas@gmail.com) wrote:
> On Mon, Sep 30, 2019 at 5:26 PM Bruce Momjian <bruce@momjian.us> wrote:
> > For full-cluster Transparent Data Encryption (TDE), the current plan is
> > to encrypt all heap and index files, WAL, and all pgsql_tmp (work_mem
> > overflow).  The plan is:
> >
> >         https://wiki.postgresql.org/wiki/Transparent_Data_Encryption#TODO_for_Full-Cluster_Encryption
> >
> > We don't see much value to encrypting vm, fsm, pg_xact, pg_multixact, or
> > other files.  Is that correct?  Do any other PGDATA files contain user
> > data?
>
> As others have said, that sounds wrong to me.  I think you need to
> encrypt everything.

That isn't what other database systems do though and isn't what people
actually asking for this feature are expecting to have or deal with.

People who are looking for 'encrypt all the things' should and will be
looking at filesytem-level encryption options.  That's not what this
feature is about.

> I'm not sold on the comments that have been made about encrypting the
> server log. I agree that could leak data, but that seems like somebody
> else's problem: the log files aren't really under PostgreSQL's
> management in the same way as pg_clog is. If you want to secure your
> logs, send them to syslog and configure it to do whatever you need.

I agree with this.

Thanks,

Stephen

Attachment

pgsql-hackers by date:

Previous
From: Robert Haas
Date:
Subject: Re: Transparent Data Encryption (TDE) and encrypted files
Next
From: Stephen Frost
Date:
Subject: Re: Value of Transparent Data Encryption (TDE)