| From: | "Welty, Richard" <richard(dot)welty(at)bankofamerica(dot)com> |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: Securing Postgres |
| Date: | 2005-10-05 15:04:52 |
| Message-ID: | A209FE4DA934614CAF3F5BD8E5E14290B0DE26@ex2k.bankofamerica.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
L van der Walt wrote:
>Then, I might as well just leave the whole PostgreSQL DB and write my
>own mini DB with encrypted XML files. I am sure someone must have an
>answer for me.
i think the answer is that windows is giving you a false sense of
security.
in an environment where you cannot trust the administrators, the problem
you wish to solve is, um, "difficult". suppose you encrypt the XML files,
where do you put the keys? to be secure, you'd have to prompt the users for
a key or a passphrase, and you wouldn't be able to store the key or
passphrase anywhere in plaintext, but to encrypt securely you'd need another
key or passphrase, and so circularity ensues.
is windows prompting for keys or passphrases in a secure manner? i doubt it.
richard
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Welty, Richard | 2005-10-05 15:09:21 | Re: Securing Postgres |
| Previous Message | Richard_D_Levine | 2005-10-05 14:59:46 | Re: Securing Postgres |