Paul Tillotson <pntil@shentel.net> writes:
> Given that the client does not write pages to the disk, this would be
> back-end encryption. Just out of curiosity, what threat model does
> this sort of encryption protect against? Surely any attacker who can
> read the files off the disk can also get the password used to encrypt
> them. Or would this be provided by the client and kept in RAM only?

If I have root- or postgres-level access to the machine, I can snarf
the encryption key out of RAM even if it's never written to disk.
I don't see what this (backend page-level encryption) would buy you
over just using an encrypted partition, which is already available on
most OSs...

-Doug
--
Let us cross over the river, and rest under the shade of the trees. --T. J. Jackson, 1863