| From: | Scott Marlowe <scott(dot)marlowe(at)gmail(dot)com> |
|---|---|
| To: | David Kerr <dmk(at)mr-paradox(dot)net> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: SAS70 audit + postgres |
| Date: | 2009-09-14 19:38:14 |
| Message-ID: | dcc563d10909141238md517a24he93eab646dca2e9a@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Yeah, I question the intelligence of your security expert in this
situation. As the superuser, I can do nearly anything I please, it's
kind of the point. Now, if he wants you to setup non-superuser roles
to do other stuff, I can understand, but there are some things only
the superuser can do, and for that, you gotta trust them.
On Mon, Sep 14, 2009 at 1:17 PM, David Kerr <dmk(at)mr-paradox(dot)net> wrote:
> anyone pass a SAS70 audit with postgres?
>
> Our security expert has a lot of concerns due to the lack of
> user audit logging that's provided.
>
> especally for logging superuser / DBA actions.
>
> Of course, my stance is that you need to trust your DBAs,
> but I don't know if SAS70 shares my belief.
>
> Thanks
>
> Dave
>
> --
> Sent via pgsql-general mailing list (pgsql-general(at)postgresql(dot)org)
> To make changes to your subscription:
> http://www.postgresql.org/mailpref/pgsql-general
>
--
When fascism comes to America, it will be intolerance sold as diversity.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | David Kerr | 2009-09-14 19:45:00 | Re: SAS70 audit + postgres |
| Previous Message | David Kerr | 2009-09-14 19:17:58 | SAS70 audit + postgres |