Home > mailing lists

Re: [HACKERS] WIP: Data at rest encryption - Mailing list pgsql-hackers

From	Peter Eisentraut
Subject	Re: [HACKERS] WIP: Data at rest encryption
Date	June 14, 2017 02:08:29
Msg-id	5bebfabb-e02d-0172-aafa-99fcaadf7782@2ndquadrant.com Whole thread Raw
In response to	Re: [HACKERS] WIP: Data at rest encryption (Bruce Momjian <bruce@momjian.us>)
Responses	Re: [HACKERS] WIP: Data at rest encryption
List	pgsql-hackers

Tree view

On 6/13/17 15:51, Bruce Momjian wrote:
> Isn't the leakage controlled by OS permissions, so is it really leakage,
> i.e., if you can see the leakage, you probably have bypassed the OS
> permissions and see the key and data anyway.

One scenario (among many) is when you're done with the disk.  If the
content was fully encrypted, then you can just throw it into the trash
or have your provider dispose of it or reuse it.  If not, then,
depending on policy, you will have to physically obtain it and burn it.

-- 
Peter Eisentraut              http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services

pgsql-hackers by date:

From: Bruce Momjian
Date: 14 June 2017, 01:51:50
Subject: Re: [HACKERS] WIP: Data at rest encryption

From: Bruce Momjian
Date: 14 June 2017, 02:10:34
Subject: Re: [HACKERS] WIP: Data at rest encryption

Re: [HACKERS] WIP: Data at rest encryption - Mailing list pgsql-hackers

Previous

Next