On Fri, 2005-08-12 at 22:37, wisan watcharinporn wrote: > i have database with critical data (such patient information) > how can i protect my database from root access > because this host in company can access with root from many person > (person who manage some service application on host but must not access this > patient information) Ever seen the TShirt "Got root?" If you're root, you're god, pretty much, and get whatever you want. If the data is encrypted before being passed to that server, then you've got some protection, but at a higher processing cost. Generally, when I've worked on database machines, there is one system admin who can log into the machine, and one dba who has the ability to sudo to the postgresql superuser and keep the db happy. That limits the number of people to two. If your DB can keep a unix box happy, then let him own the whole thing and you've got minimum exposure. Expecting to limit roots access once he's on the box is the exact backwards way to handle this. The way to restrict access is to restrict the people who can access the box and the levels of their accounts. If you're in an environment where more than 2 or 3 three people need to know the root password, your environment is messed up.
