Andre Labuschagne wrote:
> Encryption is meaningless if the super user can control the encrypting. What is required is the
> following: the super user grants a user the rights to create a database and all objects within the
> database. The super user simply grants the user that right. The super user has zero access to what
> that user creates unless that user explicitly grants the super user those rights. That is called
> security. That is what I am trying to achieve with PG. I was hoping that it is possible to do such a
> thing. That is what Mimer, Sybase and Interbase [and perhaps others I am yet to encounter] do as a
> matter of course. It as necessary for the security of a database as wheels are to a car.
If you need exactly that feature, you are probably happier with a different database
system, because PostgreSQL doesn't have it and probably never will.
Most people would argue that this is no hard security, it only makes the attack
more complicated. As a database superuser I can access files on the file system
in any database I ever heard of, thus I can read the files containing the tables,
thus I can figure out what is in them.
Yours,
Laurenz Albe
