On 11/18/2015 11:45 AM, Day, David wrote:
> Hi,
>
> One of my co-workers came out of a NIST cyber-security type meeting
> today and asked me to delve into postgres and zeroization.
>
> I am casually aware of mvcc issues and vacuuming
>
> I believe the concern, based on my current understanding of postgres
> inner workings, is that when a dead tuple is reclaimed by vacuuming:
> Is that reclaimed space initialized in some fashion that would shred
> any sensitive data that was formerly there to any inspection by the
> subsequent owner of that disk page ? ( zeroization )
>
> Not sure that is the exact question to ask but hopefully you get a feel
> for the requirement is not to leave any sensitive data laying about for
>
> recovery by a hacker, or at least minimize the places it could be
> obtained without actually being able to log into postgres or having raw
> disk access privileges.
Per Melvins post, what makes the old pages any more valuable for hacking
then the current pages?
>
> Thanks for any comments/instruction/links on the matter.
>
> Regards
>
> Dave Day
>
--
Adrian Klaver
adrian.klaver@aklaver.com