Re: pg_hba.conf alternative

From: Q Beukes <pgsql-dev(at)list(dot)za(dot)net>
To: Postgresql Dev <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: pg_hba.conf alternative
Date: 2006-02-09 10:02:51
Message-ID: 43EB134B.9060303@list.za.net
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

To give it to you straight... its just to ease the minds of management.

Someone pointed out to them how easy it really is to access the data, and
this kind of started to make them feel uncomfortable.

They know the admins are very computer literate and that any protection
can be broken by them.

But it's just like information locked inside a cabinet, it can be
accessed by breaking in
right? But employees wont do it, because it's just not ethical to break
into your
employers private stash. But if it was lying on a paper on a desk
somewhere,
even the most honest employee might peek onto it for interest sake.

And this type of information can stir quite a bit, trust me.

That is all I was wondering about, if there was a way to just lock it
inside a
cabinet with a tiny bit more security.

After that you can always take measures to make sure they aren't
installing malicious
software, or taking information home. You can install software like
Tripwire to make
sure the binaries are kept fine, remove gcc and so forth.

Tino Wildenhain wrote:

> Q Beukes schrieb:
>
>> Well,
>>
>> I am not looking for 100% security. I know that full access if full
>> access,
>> and that even if you were to encrypt the system through Postgre the
>> determined
>> person WILL always be able to get it out if they have system level
>> access.
>>
>> All I wanted to do was to prevent the basic SQL/Linux literate user from
>> accessing
>> the databases. At the moment it is very easy for them to access the
>> data.
>>
>> I trust that they wont go as far as overwriting the system with custom
>> compiled
>> version, or copying the data and so forth. It just that we would feel
>> much better
>> if we knew the data wasn't as open as it is now, with a simple pg
>> restart it is all
>> open?
>>
>> Can this only be done by maybe modifying the source to make pg_hba
>> fields statically
>> compiled into the executable?
>>
> Instead, you might want to read about SELinux.
> You can protect files even to root (unless they
> reboot ;) but really you should have only trusted
> people have admin accounts. How comes you have
> somebody untrusted as admin?
>
> Regards
> Tino
>

In response to

Browse pgsql-hackers by date

  From Date Subject
Next Message Alexander Schreiber 2006-02-09 10:34:07 Re: Upcoming re-releases
Previous Message Csaba Nagy 2006-02-09 09:37:34 Re: streamlined standby procedure