On Wed, February 20, 2008 2:26 pm, Mark Schoonover wrote: > On Wed, Feb 20, 2008 at 2:07 PM, Lan Barnes <[EMAIL PROTECTED]> wrote: > >> Postgres has always been my sql db of choice, but I'm woefully ignorant. >> I >> just don't get to work with it enough. >> >> So here's the question. Imagine an app that has open data and very >> secure >> data (not from the from users, but also from intruders, gvmt agencies, >> etc). The designer decides to split the tables across two mount points, >> one normal, the other encrypted. Still, he wants the app to work >> seamlessly (my first use of that buzzword). > This sounds more like a server configuration issue than SQL. SQL doesn't > care where the tables exist on the filesystem, only that they exist. The > server does care though. I don't see the benefits of this unless the > server > itself is somehow compromised, lost, stolen or taken as evidence . If > someone can gain access to the database server, it can use Postgres itself > to read the tables that are on the encrypted filesystem. > >
I find that last interesting. I had assumed that an encrypted HD would give one the option at least of having password/passphrase protection. Otherwise, what's the use? "compromised" and "taken as evidence" are the options in my mind. -- Lan Barnes SCM Analyst Linux Guy Tcl/Tk Enthusiast Biodiesel Brewer -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
