From: | Scott Marlowe <scott(dot)marlowe(at)gmail(dot)com> |
---|---|
To: | David Kerr <dmk(at)mr-paradox(dot)net> |
Cc: | pgsql-general(at)postgresql(dot)org |
Subject: | Re: SAS70 audit + postgres |
Date: | 2009-09-14 19:38:14 |
Message-ID: | dcc563d10909141238md517a24he93eab646dca2e9a@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
Yeah, I question the intelligence of your security expert in this
situation. As the superuser, I can do nearly anything I please, it's
kind of the point. Now, if he wants you to setup non-superuser roles
to do other stuff, I can understand, but there are some things only
the superuser can do, and for that, you gotta trust them.
On Mon, Sep 14, 2009 at 1:17 PM, David Kerr <dmk(at)mr-paradox(dot)net> wrote:
> anyone pass a SAS70 audit with postgres?
>
> Our security expert has a lot of concerns due to the lack of
> user audit logging that's provided.
>
> especally for logging superuser / DBA actions.
>
> Of course, my stance is that you need to trust your DBAs,
> but I don't know if SAS70 shares my belief.
>
> Thanks
>
> Dave
>
> --
> Sent via pgsql-general mailing list (pgsql-general(at)postgresql(dot)org)
> To make changes to your subscription:
> http://www.postgresql.org/mailpref/pgsql-general
>
--
When fascism comes to America, it will be intolerance sold as diversity.
From | Date | Subject | |
---|---|---|---|
Next Message | David Kerr | 2009-09-14 19:45:00 | Re: SAS70 audit + postgres |
Previous Message | David Kerr | 2009-09-14 19:17:58 | SAS70 audit + postgres |