Re: postgres zeroization of dead tuples ? i.e scrubbing dead tuples with sensitive data.

Поиск
Список
Период
Сортировка
От Andrew Sullivan
Тема Re: postgres zeroization of dead tuples ? i.e scrubbing dead tuples with sensitive data.
Дата
Msg-id 20151118215740.GC30327@crankycanuck.ca
обсуждение исходный текст
Ответ на Re: postgres zeroization of dead tuples ? i.e scrubbing dead tuples with sensitive data.  (Melvin Davidson <melvin6925@gmail.com>)
Список pgsql-general
Дерево обсуждения 
On Wed, Nov 18, 2015 at 04:46:11PM -0500, Melvin Davidson wrote:
> 'm still trying to understand why you think someone can access old data but
> not current/live data.

I don't.  It's just another risk.  When you're making a list of risks,
you need to list them all.  It turns out that in Postgres, you have to
worry about (1) data that's currently in the database and (2) some
data that used to be there but isn't now.

> If you encrypt the live data, wouldn't that solve both concerns?

I have no idea, because I don't know what the theoretical risk to be
mitigated is.  It might, sure.  The security profiler would still need
to make a list of this fact and then ask how countermeasures mitigate
it.

Best regards,

A

--
Andrew Sullivan
ajs@crankycanuck.ca

В списке pgsql-general по дате отправления:

Предыдущее
От: Andrew Sullivan
Дата:
Сообщение: Re: postgres zeroization of dead tuples ? i.e scrubbing dead tuples with sensitive data.
Следующее
От: Adrian Klaver
Дата:
Сообщение: Re: postgres zeroization of dead tuples ? i.e scrubbing dead tuples with sensitive data.