| From: | John R Pierce <pierce(at)hogranch(dot)com> |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: postgres zeroization of dead tuples ? i.e scrubbing dead tuples with sensitive data. |
| Date: | 2015-11-18 20:23:37 |
| Message-ID: | 564CDE49.8090905@hogranch.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On 11/18/2015 11:45 AM, Day, David wrote:
> I believe the concern, based on my current understanding of
> postgres inner workings, is that when a dead tuple is reclaimed by
> vacuuming: Is that reclaimed space initialized in some fashion that
> would shred any sensitive data that was formerly there to any
> inspection by the subsequent owner of that disk page ? ( zeroization )
the postgres server owns the pages. AFAIK, the only way to read raw
pages is if you can impersonate the server and directly access the raw
files, or if you have postgres superuser privileges and use the
pg_read_binary_file() functions. no 'normal' client app will be able
to see raw pages, or data thats not a valid part of a table that client
has permissions to read.
--
john r pierce, recycling bits in santa cruz
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Adrian Klaver | 2015-11-18 20:26:10 | Re: postgres zeroization of dead tuples ? i.e scrubbing dead tuples with sensitive data. |
| Previous Message | Tom Lane | 2015-11-18 20:22:44 | Re: postgres zeroization of dead tuples ? i.e scrubbing dead tuples with sensitive data. |