| From: | Chris Browne <cbbrowne(at)acm(dot)org> |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: database file encryption |
| Date: | 2006-08-11 18:00:04 |
| Message-ID: | 60irkznoez.fsf@dba2.int.libertyrms.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
kleptog(at)svana(dot)org (Martijn van Oosterhout) writes:
> On Fri, Aug 11, 2006 at 08:52:32AM -0400, Christopher Browne wrote:
>> >> I'd like to know if there is a way in order to encrypt these data.
>> >
>> > Sure, run postgres over an encrypted filesystem.
>>
>> Actually, that may not work the way you think it does...
>>
>> As long as the encrypted filesystem is mounted, you can access the
>> unencrypted data
>
> Sure. However, it was only asked if the data could be encrypted. My
> point was that the OP needs to decide what the actual problem is and
> then they can evaluate what are acceptable solutions.
>
> Asking about encrypted files first is putting the cart before the
> horse.
>
>> The method that consistently works is to encrypt the data before
>> putting it in the database so that the DBMS is unaware of what the
>> plaintext form is...
>
> Sure, but now you've thought about the attack vectors and what's
> important...
Indeed.
In effect, that means that the important question wasn't asked, namely
"What kind or kinds of attacks do we wish to protect against?"
> Have a nice day,
Trying...
--
"cbbrowne","@","acm.org"
http://www3.sympatico.ca/cbbrowne/spreadsheets.html
Coming Soon to a Mainframe Near You! MICROS~1 Windows NT 6.0,
complete with VISUAL JCL...
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Alvaro Herrera | 2006-08-11 18:18:59 | Re: How to use the full text index feature on PostgreSQL |
| Previous Message | Joshua D. Drake | 2006-08-11 17:40:40 | Re: How to use the full text index feature on PostgreSQL |