Re: Securing Postgres - Mailing list pgsql-general

From Lincoln Yeoh
Subject Re: Securing Postgres
Date
Msg-id 5.2.1.1.1.20051005232349.02e29610@localhost
Whole thread Raw
In response to Re: Securing Postgres  (L van der Walt <mailing@lani.co.za>)
List pgsql-general
At 04:48 PM 10/5/2005 +0200, L van der Walt wrote:

>The big problem is that the administrators works for the client and not
>for me.  I don't want the client to reverse engineer my database.
>There might be other applications on the server so the administrators do
>require root access.

If it's so important to you, put it on a secured separate physical server,
use encryption, and you admin it.

If you do it right, you should be able to make the client pay for the
separate server ;).

Virtual machines aren't an option, performance on x86 platforms isn't so
good for now AND most VM products often have a snapshot/suspend feature,
which might be useful for looking in the "RAM" for keys and stuff...

>About the raw database files,  I can use encryption to protect the data.

I'm sure at some point you'd need to decrypt the data, so be careful how
you do things at that point. How are you going to do it?

Don't forget, if you secure things so much, it gets hard for the client too.

The client may also ask: how can they trust you?

I wouldn't recommend anybody to have any of their critical/important data
in an encrypted database which they have no access to without a 3rd party's
help.

Regards,
Link.


pgsql-general by date:

Previous
From: "John D. Burger"
Date:
Subject: Re: optimizing common subqueries
Next
From: "Modern Mexican"
Date:
Subject: Re: Untyped result (setof / rowset) from Functions ?