Re: Page-Level Encryption

From: David Blewett <david(at)dawninglight(dot)net>
To: pgsql-general(at)postgresql(dot)org
Subject: Re: Page-Level Encryption
Date: 2006-01-20 20:50:38
Message-ID: 20060120155038.o3d6hox5efg8gs08@mail.dawninglight.net
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general

Quoting "Joshua D. Drake" <jd(at)commandprompt(dot)com>:

>
>> IF they've got root, and the unencrypted data or the password / key is
>> on the machine or in memory on it, you've lost. It may make it harder
>> for them to get it, but they can.
> This is true but in answer to your question you can use something like
> cryptfs. Note that you will loose performance.
>
> Joshua D. Drake

I'm looking for something that runs *inside* of Postgres, at a higher
level than a loop-back encrypted volume. This way, it would only be
available when the database engine was running, and ideally only
accessible to an authenticated/logged in user.

David

In response to

Responses

Browse pgsql-general by date

  From Date Subject
Next Message Martijn van Oosterhout 2006-01-20 20:51:32 Re: [GENERAL] Creation of tsearch2 index is very slow
Previous Message David Blewett 2006-01-20 20:47:04 Re: Page-Level Encryption