Search Postgresql Archives

Re: Securing Postgres

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Also sprach L van der Walt (mailing@xxxxxxxxxx)
> The big problem is that the administrators works for the client and not 
> for me.  I don't want the client to reverse engineer my database. 

[...]

> About the raw database files,  I can use encryption to protect the data.

How shall the DBMS acces the data files? It will need the key, be it a
simple password or a pub key for asymmetric encryption. So you have to
store the key somewhere on the machine where an administrator can
access it. You could store the key on another machine, but it has to
be transmitted to the server, so anyone with physical (or at least
root access) can sniff it.



However, there is *no* way to protect a computer program from being
reverse engineered. If you want to run it, it has to be read and
executed by the server, so it can also be analyzed by an attacker.

That's actually the same problem Digital Restriction Management
systems have, the simply *do* *not* *work*.


-- 
PGP FPR: CF74 D5F2 4871 3E5C FFFE 0130 11F4 C41E B3FB AE33
-- 
https://www.ccc.de/ - Europe`s largest hacker group, founded in 1981.

http://mdc3.cybernotic.org/ - Chaostreff Magdeburg

Attachment: pgpTkl2UqayoA.pgp
Description: PGP signature


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Postgresql Jobs]     [Postgresql Admin]     [Postgresql Performance]     [Linux Clusters]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Books]     [PHP Databases]     [Postgresql & PHP]     [Yosemite]
  Powered by Linux