-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160
Stephen Frost wrote:
> To try to clarify that a bit, as it comes across as rather opaque even
> on my re-reading, consider a case where you can't have the
> "credit_card_number" field ever exported to an audit or log file, but
> you're required to log all other changes to a table. Then consider that
> such a situation extends to individual INSERT or UPDATE commands- you
> need the command logged, but you can't have the contents of that column
> in the log file.
Perhaps you need a better example. Storing raw credit cards in the database
is a bad idea (and potential PCI violation); audit/log files are only one
of the many ways things can leak out. Encrypting sensitive columns is a
solution that solves your auditing problem, and works on all current versions
of Postgres. :)
> Our current capabilities around logging and auditing are dismal
No arguments there.
- --
Greg Sabino Mullane greg@turnstep.com
End Point Corporation http://www.endpoint.com/
PGP Key: 0x14964AC8 201408271200
http://biglumber.com/x/web?pk=2529DF6AB8F79407E94445B4BC9B906714964AC8
-----BEGIN PGP SIGNATURE-----
iEYEAREDAAYFAlP+AKgACgkQvJuQZxSWSsjf7gCg00BwRbwRi/UPrHBs1RdfWX/I
TRsAn2CDrG/ycetKOQFbn/4rnSSYPz9j
=Ju0B
-----END PGP SIGNATURE-----
