I am not making myself clear. Let us try another angle. We are concerned about security breaches and database theft within and outside the organisation. Assuming a rogue employee gets their hands on a full backup of one of the databases and they did not have the details of the only role that is listed as having privileges would this employee be able to download PG set it up on his or computer, provide a superuser password and then have full access to the database? Is there a way to prevent this access?
No. Not knowing the name of the only super user might be inconvenient but its only security by obscurity. If they have unencrypted physical data files
they have the potential see all of the data contained therein. They don't even need passwords since they can just setup pg_hba.conf for trust access.
David J.
Hi David
Thanks for that. So PG de facto has absolutely no security while in transit then. That is what we are trying to establish.
Sybase supports this sort of security while in transit as does Mimer. There may be others.