Couldn't you just add a PGP based column (or similar encryption protocol) for authentication? This would protect you against injection attacks, would it not? You could also use PGP or similar for key management if I'm not mistaken. -Will -----Original Message----- In response to Thomas Kellerer <spam_eater@xxxxxxx>: That was the first suggestion when we started brainstorming ideas. Unfortunately, it fails to protect us from the most likely attack vector: SQL Injection/application layer bugs. In an SQL Injection (for example) the fact that the filesystem is encrypted does zero to protect the sensitive data. -- Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
