Re: postgres zeroization of dead tuples ? i.e scrubbing dead tuples with sensitive data.

From: Andrew Sullivan <ajs(at)crankycanuck(dot)ca>
To: pgsql-general(at)postgresql(dot)org
Subject: Re: postgres zeroization of dead tuples ? i.e scrubbing dead tuples with sensitive data.
Date: 2015-11-18 21:57:40
Message-ID: 20151118215740.GC30327@crankycanuck.ca
Lists: pgsql-general

On Wed, Nov 18, 2015 at 04:46:11PM -0500, Melvin Davidson wrote:
> I'm still trying to understand why you think someone can access old data but
> not current/live data.

I don't. It's just another risk. When you're making a list of risks,
you need to list them all. It turns out that in Postgres, you have to
worry about (1) data that's currently in the database and (2) some
data that used to be there but isn't now.

> If you encrypt the live data, wouldn't that solve both concerns?

I have no idea, because I don't know what the theoretical risk to be
mitigated is. It might, sure. The security profiler would still need
to make a list of this fact and then ask how countermeasures mitigate
it.

Best regards,

A

--
Andrew Sullivan
ajs(at)crankycanuck(dot)ca
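
Added example, not part of Andrew Sullivan's message or of the PostgreSQL project's own code: a way for a defender to observe risk (2) above, that a deleted row's bytes remain in the heap page until the dead tuple is reclaimed. It assumes superuser access, the pageinspect contrib extension, and PostgreSQL 9.6 or later for the t_data column; the table name scrub_demo and its values are constructed for the demo.

```sql
-- Constructed demo: table name and values are made up for illustration.
CREATE EXTENSION IF NOT EXISTS pageinspect;

CREATE TABLE scrub_demo (id int, secret text);
-- Keep autovacuum from reclaiming the dead tuple while we look at it.
ALTER TABLE scrub_demo SET (autovacuum_enabled = false);

INSERT INTO scrub_demo VALUES
    (1, 'constructed-sensitive-value'),
    (2, 'row-that-stays-live');   -- keeps page 0 from being truncated by VACUUM

DELETE FROM scrub_demo WHERE id = 1;

-- (1) Data currently in the database: only the live row is visible to SQL.
SELECT id, secret FROM scrub_demo;

-- (2) Data that used to be there: the deleted tuple still occupies a line
-- pointer. A non-zero t_xmax marks it as deleted, and t_data still carries
-- the raw bytes of the row, including the text value.
SELECT lp, lp_flags, lp_len, t_xmin, t_xmax,
       encode(t_data, 'escape') AS raw_tuple_bytes
FROM heap_page_items(get_raw_page('scrub_demo', 0))
ORDER BY lp;

-- Reclaim dead tuples, then inspect the same page again. Compare lp_flags,
-- lp_len and t_data for the line pointer that held the deleted row.
VACUUM scrub_demo;

SELECT lp, lp_flags, lp_len, t_xmin, t_xmax,
       encode(t_data, 'escape') AS raw_tuple_bytes
FROM heap_page_items(get_raw_page('scrub_demo', 0))
ORDER BY lp;

-- Limits of this check: heap_page_items only reports what the line pointers
-- reference. It does not show whether the old bytes were overwritten in the
-- page's free space, and it says nothing about copies in WAL or in backups.

DROP TABLE scrub_demo;
```

Run it in a scratch database as a psql script; VACUUM cannot run inside a transaction block.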
