Re: Column Redaction - Mailing list pgsql-hackers

From Simon Riggs
Subject Re: Column Redaction
Date
Msg-id CA+U5nMLbrv1_05-zry+nxkss7VOQ8e5-A7w4=HcRqLhX=rVqhA@mail.gmail.com
Whole thread Raw
In response to Re: Column Redaction  (Heikki Linnakangas <hlinnakangas@vmware.com>)
List pgsql-hackers
On 10 October 2014 12:01, Heikki Linnakangas <hlinnakangas@vmware.com> wrote:

> Really, I don't see how this can possible be made to work. You can't allow
> ad hoc processing of data, and still avoid revealing it to the user.

Anyone with unmonitored access and sufficient time can break through security.

I think that is true of any kind of security, and so it is true here also.

Auditing and controls are required also, that's why I suggested those
first. This proposal was looking beyond that to what we might need
next.

-- Simon Riggs                   http://www.2ndQuadrant.com/PostgreSQL Development, 24x7 Support, Training & Services



pgsql-hackers by date:

Previous
From: Simon Riggs
Date:
Subject: Re: Column Redaction
Next
From: Robert Haas
Date:
Subject: Re: Column Redaction