Re: Database level encryption

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Andreas 'ads' Scherbaum <adsmail@xxxxxxxxxxxxx> wrote:

> If someone captures the machine the bad guy can install a network
> sniffer and steal the database passwords upon connect.

I think protecting against a keylogger is a different issue than
database encryption. Is this why database encryption is "not needed"
for PostgreSQL, as people here say ?


>> With an encrypted database, you need the password anytime you connect,
>> even if another application already has an open connection.
>
> See above, this doesn't help.
>
> If someone get's root access to your machine, nothing (no filesystem
> and no database encryption) is goint to help you here.


I would have to disagree with you here. The whole point of encryption
is that you need the key in order to get your data back.


Timothy Madden

-- 
Sent via pgsql-admin mailing list (pgsql-admin@xxxxxxxxxxxxxx)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin

[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux