kleptog@svana.org (Martijn van Oosterhout) writes:
> On Fri, Aug 11, 2006 at 08:52:32AM -0400, Christopher Browne wrote:
>> >> I'd like to know if there is a way in order to encrypt these data.
>> >
>> > Sure, run postgres over an encrypted filesystem.
>>
>> Actually, that may not work the way you think it does...
>>
>> As long as the encrypted filesystem is mounted, you can access the
>> unencrypted data
>
> Sure. However, it was only asked if the data could be encrypted. My
> point was that the OP needs to decide what the actual problem is and
> then they can evaluate what are acceptable solutions.
>
> Asking about encrypted files first is putting the cart before the
> horse.
>
>> The method that consistently works is to encrypt the data before
>> putting it in the database so that the DBMS is unaware of what the
>> plaintext form is...
>
> Sure, but now you've thought about the attack vectors and what's
> important...
Indeed.
In effect, that means that the important question wasn't asked, namely
"What kind or kinds of attacks do we wish to protect against?"
> Have a nice day,
Trying...
--
"cbbrowne","@","acm.org"
http://www3.sympatico.ca/cbbrowne/spreadsheets.html
Coming Soon to a Mainframe Near You! MICROS~1 Windows NT 6.0,
complete with VISUAL JCL...