> On Thu, Mar 29, 2007 at 01:56:34PM +0530, Sandeep Agarwal wrote:
> > i am new to postgres and am puzzled how to solve the untrusted
> admin
> > problem.
> >
> > i am having very sensitive data (accounts and payroll) on postgresql
> > server. the goal i want to achive is that even the sys.
> admin/database> admin. should be able to read the data. i
> understand that the solution
> > lies in encrypting the fields.
Sandeep,
Please do not take affront if I am reading way too much into your
question, but if the following scenario is true:
1) It is a web application with the server colocated in the US
2) You are the developer AND admin and are not in the US
If so, you obviously trust yourself -- the problem is that customers or
prospective customers will possibly (likely) be hesitant to use your
service, particularly when SSN's, names and employee addresses are involved.
If my conjecture is true, then you may want to rephrase your question.
Different suggestions may result.
If I am 'off base', please disregard.
Thanks,
Mike Ellsworth
