Yes, you are right. Generally the security control here is encryption of data at rest (TDE), but PostgreSQL doesn't support it, to my knowledge. I know about that vulnerability, but here I posed the question on different one. I agree it is smaller one, compare to the absence of TDE, but I would like to find out if this gates are opened too or not.
Absolutely. But we are not talking about that type of data leakage here. We are talking about potential situation when user, who doesn't have access to database, but has (or gained) access to the Linux box DB is installed one and gets his hands on data, database processes stored in memory (memory would be a common resource here).
Of far larger concern at that point is unauthorized access to the database files.
Basically, if someone gains access to the OS user that Postgres is running as, or to root, it's game-over. -- Jim Nasby, Data Architect, Blue Treble Consulting, Austin TX Experts in Analytics, Data Architecture and PostgreSQL Data in Trouble? Get it in Treble! http://BlueTreble.com