| From: | "Saleem EDAH-TALLY" <nmset(at)netcourrier(dot)com> |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: postgresql.key secure storage |
| Date: | 2009-09-14 17:39:47 |
| Message-ID: | 200909141939.48178.nmset@netcourrier.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
OK guys, I would never have thought about modifying libpq to steal confidential
data, and I have never used debuggers in this respect at all.
So super gurus can yet do the bad thing.
Nevertheless 99% of users are not super gurus who could do such nasty things
but a few of them could use an unencrypted private key. These few at least
would have been frustrated if libpq could manage an encrypted private key. The
server can manage such a key and the admin starting the server is prompted for
the password. Ironically, it is generally accepted that it's better that the
server private key be unencrypted so that any admin can start the server
anytime.
Thank you.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Scott Marlowe | 2009-09-14 17:57:11 | Re: Locks in postgres causing system load and crash. |
| Previous Message | Chris Barnes | 2009-09-14 17:20:23 | Re: Locks in postgres causing system load and crash. |