| From: | Jim Nasby <Jim(dot)Nasby(at)BlueTreble(dot)com> |
|---|---|
| To: | Adrian Klaver <adrian(dot)klaver(at)aklaver(dot)com>, "Day, David" <dday(at)redcom(dot)com>, "pgsql-general(at)postgresql(dot)org" <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: postgres zeroization of dead tuples ? i.e scrubbing dead tuples with sensitive data. |
| Date: | 2015-11-21 06:13:15 |
| Message-ID: | 56500B7B.6030303@BlueTreble.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On 11/19/15 1:12 PM, Adrian Klaver wrote:
> >Our app is doing the authentication based on the sensitive
> >information retrieved from postgres tables.
> >Our app zeros out its associated memory to the process when it is done
> >with it. The developer was concerned about the
> >breadcrumbs left in postgress volatile memory in satisfying the query.
>
>
> Well VACUUM is not going to help there, it works on the data stored on
> disk.
Which would help from the standpoint of shared_buffers... for whatever
that's worth.
To answer an earlier comment about zeroing out the free space on the
page, it would be trivial to add that, at least for heap pages. Index
pages not so much, because you'd have to mess with every index type.
Also, if you're cranking the paranioa level to maximum, you'd want to
compile Postgres with the option that over-writes freed memory with 0x7f
too. That's meant to help find overruns and other memory access errors,
but would have the side effect of nuking the contents of freed memory.
--
Jim Nasby, Data Architect, Blue Treble Consulting, Austin TX
Experts in Analytics, Data Architecture and PostgreSQL
Data in Trouble? Get it in Treble! http://BlueTreble.com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Sridhar N Bamandlapally | 2015-11-21 07:24:53 | Re: [ADMIN] How to drop stats on table |
| Previous Message | Jim Nasby | 2015-11-21 06:00:08 | Re: duplicate key errors in log file |