On Sat, Aug 13, 2005 at 03:37:37AM +0000, wisan watcharinporn wrote: > i have database with critical data (such patient information) > how can i protect my database from root access > because this host in company can access with root from many person > (person who manage some service application on host but must not access > this patient information) If you're handling critical, confidential information then you should consult a security professional. No offense intended, but if you have to ask these kinds of questions then you aren't qualified to implement the solution. Even if you encrypt the data so root can't read it, root could still corrupt or destroy it (intentionally or accidentally) with the privilege it wields. If the data is critical and confidential then only trustworthy persons should have access (remote or physical) to the system that stores it. A system that gives root access to "many persons" is a dangerous place to store such data. For the sake of your patients' safety and privacy, please consult a security professional who knows what they're doing. -- Michael Fuhr