postgres zeroization of dead tuples ? i.e scrubbing dead tuples with sensitive data. - Mailing list pgsql-general

Hi,

 

One of my co-workers came out of a NIST cyber-security type meeting today and asked me to delve into postgres and zeroization.

 

I am casually aware of mvcc issues and vacuuming

 

I believe the   concern,  based on my current understanding  of postgres inner workings,  is  that when a dead tuple is reclaimed by vacuuming:  Is that reclaimed space initialized in some fashion that would  shred any sensitive data that was formerly there to any  inspection by  the subsequent owner of  that disk page ? ( zeroization )

 

Not sure that is the exact question to ask but hopefully you get a feel for the requirement is  not to  leave any sensitive data laying about for

recovery by a hacker,  or at least minimize the places it could be obtained without actually being able to log into postgres or having raw disk access privileges.  

 

Thanks for any comments/instruction/links on the matter.

 

 

Regards

 

 

Dave Day

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

pgsql-general by date:

Previous
From: Josh Berkus
Date:
Subject: Indianapolis PostgreSQL Meetup
Next
From: "David G. Johnston"
Date:
Subject: Re: postgres zeroization of dead tuples ? i.e scrubbing dead tuples with sensitive data.