Home > mailing lists

Re: Postgres security issue - protecting datafiles - Mailing list pgsql-admin

From	Marcin Kasperski
Subject	Re: Postgres security issue - protecting datafiles
Date	June 4, 2008 16:09:51
Msg-id	87lk1lrxkj.fsf@softax.com.pl Whole thread Raw
In response to	Postgres security issue - protecting datafiles (zferentz@gmail.com)
List	pgsql-admin

Tree view

> Now, I think that "db authentication"  is simply not enough , because
> the administrator can copy the data files to his own machine (where he
> is the owner of the database).

Or just change pg_hba.conf to his taste....

> Is there a way to protect the data files, so even the "malicious
> administrator" cannot see the data ?

Encrypt it. And keep the key on some other machine. And plan your
application so decryption happens on some other machine

--
----------------------------------------------------------------------
| Marcin Kasperski   | Communication takes place between people,
| http://mekk.waw.pl |      documents are secondary. (Booch)
|                    |
----------------------------------------------------------------------

pgsql-admin by date:

From: Tino Schwarze
Date: 04 June 2008, 16:03:28
Subject: Re: Postgres security issue - protecting datafiles

From: Tom Lane
Date: 04 June 2008, 16:12:07
Subject: Re: Postgres security issue - protecting datafiles

Re: Postgres security issue - protecting datafiles - Mailing list pgsql-admin

Previous

Next