I am investigating security requirements for configuring a PostgreSQL database on a Linux system. One of the security requirements our organization would like to implement is "trusted startup", in that PostgreSQL would verify the authenticity of the binaries and configuration files before making the database available to users. This would enable the database to detect if the system has possibly been compromised. Since this is a Linux system, I could keep a list of known good MD5 checksums and compare the checksums prior to startup by editing the init script. The list would of course need to be updated any time I make a configuration change or apply a patch. Is there an alternative method of implementing such a requirement? Possibly one already incorporated into PostgreSQL?
