Re: Submission of Feature Request : RFC- for Implementing Transparent Data Encryption in Postgres

Поиск
Список
Период
Сортировка
От Douglas McNaught
Тема Re: Submission of Feature Request : RFC- for Implementing Transparent Data Encryption in Postgres
Дата
Msg-id 5ded07e00803301437n28abb52ay38ad5cf1653bd726@mail.gmail.com
обсуждение исходный текст
Ответ на Re: Submission of Feature Request : RFC- for Implementing Transparent Data Encryption in Postgres  (Tom Lane <tgl@sss.pgh.pa.us>)
Список pgsql-hackers
Дерево обсуждения 
On Sun, Mar 30, 2008 at 4:36 PM, Tom Lane <tgl@sss.pgh.pa.us> wrote:
> sanjay sharma <sanksh@hotmail.com> writes:
>  > 1. Transparent Data Encryption: The column which needs to be stored in encrypted form can be specified through
DDL.The encryption key can be stored in a  secure file accessible through a pass phrase. That particular column would
apperin encrypted form for all users except the users specified through a grant to see the data in decrypted form.
 
>
>  Exactly what threat do you see this protecting against, that wouldn't be
>  better solved by SQL-standard features like column-level access
>  permissions?

Yes.  And if you're concerned about people getting access to the raw
data files, put $PGDATA on an encrypted partition.

-Doug

В списке pgsql-hackers по дате отправления:

Предыдущее
От: Tom Lane
Дата:
Сообщение: Re: [GENERAL] Connection to PostgreSQL Using Certificate: Wrong Permissions on Private Key File
Следующее
От: "Jonah H. Harris"
Дата:
Сообщение: Re: Submission of Feature Request : RFC- for Implementing Transparent Data Encryption in Postgres