Re: how to protect root access database

From: Michael Fuhr <mike(at)fuhr(dot)org>
To: wisan watcharinporn <maccran(at)hotmail(dot)com>
Cc: pgsql-admin(at)postgresql(dot)org
Subject: Re: how to protect root access database
Date: 2005-08-13 05:22:48
Message-ID: 20050813052248.GA48235@winnie.fuhr.org
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-admin

On Sat, Aug 13, 2005 at 03:37:37AM +0000, wisan watcharinporn wrote:
> i have database with critical data (such patient information)
> how can i protect my database from root access
> because this host in company can access with root from many person
> (person who manage some service application on host but must not access
> this patient information)

If you're handling critical, confidential information then you
should consult a security professional. No offense intended, but
if you have to ask these kinds of questions then you aren't qualified
to implement the solution.

Even if you encrypt the data so root can't read it, root could still
corrupt or destroy it (intentionally or accidentally) with the
privilege it wields. If the data is critical and confidential then
only trustworthy persons should have access (remote or physical)
to the system that stores it. A system that gives root access to
"many persons" is a dangerous place to store such data. For the
sake of your patients' safety and privacy, please consult a security
professional who knows what they're doing.

--
Michael Fuhr

In response to

Browse pgsql-admin by date

  From Date Subject
Next Message Christopher Browne 2005-08-13 13:48:24 Re: how to protect root access database
Previous Message wisan watcharinporn 2005-08-13 03:37:37 how to protect root access database