On Sat, Aug 13, 2005 at 03:37:37AM +0000, wisan watcharinporn wrote:
> i have database with critical data (such patient information)
> how can i protect my database from root access
> because this host in company can access with root from many person
> (person who manage some service application on host but must not access
> this patient information)
If you're handling critical, confidential information then you
should consult a security professional. No offense intended, but
if you have to ask these kinds of questions then you aren't qualified
to implement the solution.
Even if you encrypt the data so root can't read it, root could still
corrupt or destroy it (intentionally or accidentally) with the
privilege it wields. If the data is critical and confidential then
only trustworthy persons should have access (remote or physical)
to the system that stores it. A system that gives root access to
"many persons" is a dangerous place to store such data. For the
sake of your patients' safety and privacy, please consult a security
professional who knows what they're doing.
--
Michael Fuhr