Alvaro Herrera wrote:
> Excerpts from Richard Walker's message of jue may 20 02:19:17 -0400 2010:
>
>> (a) (ii) It seems a breach is possible via the xmin values.
>> In that case, what about doing updates inside a transaction
>> that does a trivial update of all rows, e.g.:
>> begin transaction;
>> update mytable ....; -- change one row
>> update mytable set id=id; -- change all rows
>> commit;
>> So now all rows have the same xmin values.
>> Does this work? Performance is not so good, is it?
>> Is there a better way?
>
> The easiest way to do this is probably VACUUM FREEZE.
Thank you very much - that works perfectly to solve
case (a) (ii).
It turns out it doesn't solve my case (b)
in which the hacker can read the raw files.
After a little bit of experimenting I found
that VACUUM FREEZE followed by CLUSTER gives
me a fresh raw table file with no transaction
history. Now all I need is a way to deal
with the WAL . . .
--
Richard Walker
Software Improvements Pty Ltd
Phone: +61 2 6273 2055
Fax: +61 2 6273 2082