Re: pg_hba.conf alternative

From: Csaba Nagy <nagy(at)ecircle-ag(dot)com>
To: Q Beukes <pgsql-dev(at)list(dot)za(dot)net>
Cc: Postgresql Dev <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: pg_hba.conf alternative
Date: 2006-02-08 12:45:09
Message-ID: 1139402709.24321.357.camel@coppola.muc.ecircle.de
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

I think this was discussed many times on this list, and the main
conclusion was: if you don't trust your DB machine's admin, any security
measure against him will be only illusory. The sysadmin can in any case
access the data, you can just make this harder, you can't prevent that.

So you better get admins who you trust...

On Wed, 2006-02-08 at 13:34, Q Beukes wrote:
> Hello,
>
> Is there not some other alternative to pg_hba.conf?
>
> I have the problem where the system administrators at our company
> obviously have access to the whole filesystem, and our database records
> needs to be hidden even from them.
>
> With pg_hba.conf that is not possible, as they just change all the conf
> lines to "trust" auth and viola they have access to the database without
> passwords.
>
> Is there a more secure alternative to this? The perfect scenario being
> to deny everyone include "root" access to a database without a password.
>
> regards,
> Quintin Beukes
>
> ---------------------------(end of broadcast)---------------------------
> TIP 6: explain analyze is your friend

In response to

Browse pgsql-hackers by date

  From Date Subject
Next Message Stephen Frost 2006-02-08 12:49:32 Re: sql row constructor...works!
Previous Message Devrim GUNDUZ 2006-02-08 12:39:31 Re: pg_hba.conf alternative