Hi, One of my co-workers came out of a NIST cyber-security type meeting today and asked me to delve into postgres and zeroization. I am casually aware of mvcc issues and vacuuming I believe the concern, based on my current understanding of postgres inner workings, is that when a dead tuple is reclaimed by vacuuming: Is that reclaimed space initialized in some fashion that would shred any sensitive data that was formerly there to any inspection by the subsequent owner of that disk page ? ( zeroization ) Not sure that is the exact question to ask but hopefully you get a feel for the requirement is not to leave any sensitive data laying about for recovery by a hacker, or at least minimize the places it could be obtained without actually being able to log into postgres or having raw disk access privileges. Thanks for any comments/instruction/links on the matter. Regards Dave Day |
