Re: postgresql.key secure storage
| От | Tom Lane |
|---|---|
| Тема | Re: postgresql.key secure storage |
| Дата | |
| Msg-id | 17404.1252945075@sss.pgh.pa.us обсуждение |
| Ответ на | Re: postgresql.key secure storage (Sam Mason <sam@samason.me.uk>) |
| Ответы |
Re: postgresql.key secure storage
|
| Список | pgsql-general |
Sam Mason <sam@samason.me.uk> writes:
> On Mon, Sep 14, 2009 at 05:45:14PM +0200, Saleem EDAH-TALLY wrote:
>> Le Monday 14 September 2009 16:13:45, vous avez �crit :
>>> "Secure wallet" is an exercise in self-delusion.
>>
>> Not really. How can a user extract data from a container, by whatever
>> name we call it, if he does not have the key to open it ?
> Exactly the same way that libpq does--debuggers are powerful tools!
Or even easier, modify the source code of libpq to print out the data
after it's extracted it. Security in an open-source world requires
a different set of tools than security in a closed-source world.
regards, tom lane
В списке pgsql-general по дате отправления: