Re: Securing Postgres

From: L van der Walt
Subject: Re: Securing Postgres
Date:
Msg-id: 4343E7C1.3060003@lani.co.za
In response to: Re: Securing Postgres  (Richard Huxton <dev@archonet.com>)
Responses: Re: Securing Postgres  (Richard Huxton <dev@archonet.com>)
Re: Securing Postgres  (Lincoln Yeoh <lyeoh@pop.jaring.my>)
Re: Securing Postgres  ("Stefan 'Kaishakunin' Schumacher" <stefan@net-tex.de>)
Re: Securing Postgres  (Tom Lane <tgl@sss.pgh.pa.us>)
Re: Securing Postgres  ("Jim C. Nasby" <jnasby@pervasive.com>)
List: pgsql-general

The big problem is that the administrators work for the client and not
for me.  I don't want the client to reverse engineer my database.

There might be other applications on the server so the administrators do
require root access.

About the raw database files,  I can use encryption to protect the data.


Richard Huxton wrote:

>
> Don't forget to CC: the list!
>
> L van der Walt wrote:
>
>> Example:  On a MS Windows Server with MS SQL Server.  The
>> administrator with the administrator username and password can not
>> access the SQL server data.  He also needs the SA username and
>> password for the SQL server to do so.  He can stop and start the
>> server and so on but not access the data.
>
>
> He might not be able to directly access the DB, but he can certainly
> gain access to the raw data files/backups/passwords and gain access
> that way.
>
>> How do I secure a system in the same way with Linux and PostgreSQL?
>
>
> Unix security is a big topic, but basically if someone has root
> access, then they can gain access to anything on that machine.
>
> However, you can make it harder by requiring passwords for PG and not
> storing them on the machine (other than in their hashed form within
> the database). Of course that means you'll need to supply a password
> for any automatic tasks (e.g. autovacuum etc) which I don't see as
> being easy if you don't store them on the same machine.
>
> But basically, you need to be able to trust the person with the root
> login - it is more powerful than a standard MS-Windows administrator
> account. Do your administrators need root access?
> --
>   Richard Huxton
>   Archonet Ltd
>
>


