Hi Albe
Nothing to do with encryption. This is what the databases mentioned allow you to do. Set a user name and password
thatonly the owner of the database knows about. No super user can gain access to the database no matter where or how
itis shipped. It is that simple - the user name and password must reside with the database and only that users name
andpassword can access that database no matter where or how it is shipped. Mounting it onto another PG server must not
makeit accessible to the super user on that server. That is what I am talking about. The three databases I mentioned
workexactly like that - I am sure there are others that do so as well. It is security 101.
If you can do that with PG I am all ears. I am really wanting to use PG but this single apparent deficiency is
stoppingme in my tracks.
Cheers
Andre
> On 5 Oct 2016, at 10:04, Albe Laurenz <laurenz.albe@wien.gv.at> wrote:
>
> Andre Labuschagne wrote:
>> You better believe it.
>>
>> The best databases on the planet do allow that - Mimer, Sybase and now I am finding Interbase as well.
>> These vendors say the feature I request is security 101. There are no doubt others that I have not
>> seen nor tested yet. But not allowing that feature means there is de facto zero security. As it
>> stands now PG has zero security.
>
> Harsh words.
>
> Since there was little context in the e-mail, I read the thread, and from what I read
> I understood that what you want is to backup a database at site A, ship it to site B
> and restore it there while making sure that nobody can tamper with the backup or steal it
> while it is being shipped.
>
> Is that correct?
>
> If yes, why not encrypt the backup before shipment?
> Any encryption tool like GnuPG (https://gnupg.org/) should be up to the task.
>
> It may well be that many databases have features that allow you to encrypt a backup
> with on-board tools, but PostgreSQL doesn't have the manpower to write and maintain paraphernalia
> like that with with the core distribution.
>
> Yours,
> Laurenz Albe
