Home > mailing lists

Re: New types for transparent encryption - Mailing list pgsql-hackers

From	Heikki Linnakangas
Subject	Re: New types for transparent encryption
Date	July 7, 2009 09:28:14
Msg-id	4A5314F0.3040401@enterprisedb.com Whole thread Raw
In response to	Re: New types for transparent encryption (Greg Stark <gsstark@mit.edu>)
Responses	Re: New types for transparent encryption
List	pgsql-hackers

Tree view

Greg Stark wrote:
> On Tue, Jul 7, 2009 at 10:09 AM, Heikki
> Linnakangas<heikki.linnakangas@enterprisedb.com> wrote:
>> What kind of attacks would this protect against? Seems a bit pointless
>> to me if the password is being sent to the server anyway. If the
>> attacker has superuser access to the server, he can harvest the
>> passwords as the clients send them in. If he doesn't, the usual access
>> controls with GRANT/REVOKE would be enough.
> 
> It would still protect against offline attacks such as against backup files.

True, but filesystem-level encryption handles that scenario with less pain.

--  Heikki Linnakangas EnterpriseDB   http://www.enterprisedb.com

pgsql-hackers by date:

From: Kedar Potdar
Date: 07 July 2009, 09:27:06
Subject: Re: Patch for automating partitions in PostgreSQL 8.4 Beta 2

From: tomas@tuxteam.de
Date: 07 July 2009, 10:15:02
Subject: Re: New types for transparent encryption

Re: New types for transparent encryption - Mailing list pgsql-hackers

Previous

Next