| From: | Timothy Madden <terminatorul(at)gmail(dot)com> |
|---|---|
| To: | "Andreas 'ads' Scherbaum" <adsmail(at)wars-nicht(dot)de> |
| Cc: | Kevin Grittner <Kevin(dot)Grittner(at)wicourts(dot)gov>, Scott Marlowe <scott(dot)marlowe(at)gmail(dot)com>, pgsql-admin(at)postgresql(dot)org, Joe Conway <mail(at)joeconway(dot)com> |
| Subject: | Re: Database level encryption |
| Date: | 2010-04-07 10:24:19 |
| Message-ID: | t2k5078d8af1004070324m1f3d4f26lbc7f559e73d555ed@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
Andreas 'ads' Scherbaum <adsmail(at)wars-nicht(dot)de> wrote:
> If someone captures the machine the bad guy can install a network
> sniffer and steal the database passwords upon connect.
I think protecting against a keylogger is a different issue than
database encryption. Is this why database encryption is "not needed"
for PostgreSQL, as people here say ?
>> With an encrypted database, you need the password anytime you connect,
>> even if another application already has an open connection.
>
> See above, this doesn't help.
>
> If someone get's root access to your machine, nothing (no filesystem
> and no database encryption) is goint to help you here.
I would have to disagree with you here. The whole point of encryption
is that you need the key in order to get your data back.
Timothy Madden
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Timothy Madden | 2010-04-07 10:45:11 | Re: Database level encryption |
| Previous Message | Kevin Grittner | 2010-04-06 22:07:21 | Re: Database level encryption |