Timothy, I've worked with SQL Anywhere which does have database encryption. There are pluses to having a encrypted db, but it did slow down the processing. They also had the ability to encrypt stored procedures and triggers. That didn't' seem to really slow down the system. That being said, the encryption will keep the normal user out of the system, but those aren't the people you need to worry about. The people you need to worry about are the real hackers and they will be able to get around this type of encryption. I'd like to see something to protect stored procedures and triggers but overall I agree that a encrypted drive is probably the best thing and require ssl connections. Best Regards Michael Gould "Timothy Madden" <terminatorul@xxxxxxxxx> wrote: > Andreas 'ads' Scherbaum <adsmail@xxxxxxxxxxxxx> wrote: > >> If someone captures the machine the bad guy can install a network >> sniffer and steal the database passwords upon connect. > > I think protecting against a keylogger is a different issue than > database encryption. Is this why database encryption is "not needed" > for PostgreSQL, as people here say ? > > >>> With an encrypted database, you need the password anytime you connect, >>> even if another application already has an open connection. >> >> See above, this doesn't help. >> >> If someone get's root access to your machine, nothing (no filesystem >> and no database encryption) is goint to help you here. > > > I would have to disagree with you here. The whole point of encryption > is that you need the key in order to get your data back. > > > Timothy Madden > > -- > Sent via pgsql-admin mailing list (pgsql-admin@xxxxxxxxxxxxxx) > To make changes to your subscription: > http://www.postgresql.org/mailpref/pgsql-admin > -- Sent via pgsql-admin mailing list (pgsql-admin@xxxxxxxxxxxxxx) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-admin
