Re: postgres zeroization of dead tuples ? i.e scrubbing dead tuples with sensitive data.

From: John R Pierce <pierce(at)hogranch(dot)com>
To: pgsql-general(at)postgresql(dot)org
Subject: Re: postgres zeroization of dead tuples ? i.e scrubbing dead tuples with sensitive data.
Date: 2015-11-18 20:23:37
Message-ID: 564CDE49.8090905@hogranch.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general

On 11/18/2015 11:45 AM, Day, David wrote:
> I believe the concern, based on my current understanding of
> postgres inner workings, is that when a dead tuple is reclaimed by
> vacuuming: Is that reclaimed space initialized in some fashion that
> would shred any sensitive data that was formerly there to any
> inspection by the subsequent owner of that disk page ? ( zeroization )

the postgres server owns the pages. AFAIK, the only way to read raw
pages is if you can impersonate the server and directly access the raw
files, or if you have postgres superuser privileges and use the
pg_read_binary_file() functions. no 'normal' client app will be able
to see raw pages, or data thats not a valid part of a table that client
has permissions to read.

--
john r pierce, recycling bits in santa cruz

In response to

Browse pgsql-general by date

  From Date Subject
Next Message Adrian Klaver 2015-11-18 20:26:10 Re: postgres zeroization of dead tuples ? i.e scrubbing dead tuples with sensitive data.
Previous Message Tom Lane 2015-11-18 20:22:44 Re: postgres zeroization of dead tuples ? i.e scrubbing dead tuples with sensitive data.