Re: how to protect root access database

From: Scott Marlowe <smarlowe(at)g2switchworks(dot)com>
To: wisan watcharinporn <maccran(at)hotmail(dot)com>
Cc: pgsql-admin(at)postgresql(dot)org
Subject: Re: how to protect root access database
Date: 2005-08-22 19:49:00
Message-ID: 1124740140.28179.9.camel@state.g2switchworks.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-admin

On Fri, 2005-08-12 at 22:37, wisan watcharinporn wrote:
> i have database with critical data (such patient information)
> how can i protect my database from root access
> because this host in company can access with root from many person
> (person who manage some service application on host but must not access this
> patient information)

Ever seen the TShirt "Got root?" If you're root, you're god, pretty
much, and get whatever you want.

If the data is encrypted before being passed to that server, then you've
got some protection, but at a higher processing cost.

Generally, when I've worked on database machines, there is one system
admin who can log into the machine, and one dba who has the ability to
sudo to the postgresql superuser and keep the db happy. That limits the
number of people to two. If your DB can keep a unix box happy, then let
him own the whole thing and you've got minimum exposure.

Expecting to limit roots access once he's on the box is the exact
backwards way to handle this. The way to restrict access is to restrict
the people who can access the box and the levels of their accounts.

If you're in an environment where more than 2 or 3 three people need to
know the root password, your environment is messed up.

In response to

Browse pgsql-admin by date

  From Date Subject
Next Message Jim C. Nasby 2005-08-23 00:57:52 Re: [PHP] Data insert
Previous Message Scott Marlowe 2005-08-22 19:43:21 Re: postgres optimization (effective_cache_size)