Stuart Gundry wrote:
I am setting up a postgres database on a standalone system with a randomized text password. However, the db will contain very sensitive data and my boss is worried about the possibility of someone being able to crack the db data if they stole the machine. Can anyone point me to information about how securely the data is stored? Or is my only option to hash all my data?
The best you can do IMHO is keep all of your database on an encrypted partition (think dm-crypt ir truecrypt). Other than that, if someone steals your box, you're cooked.
If you're not willing to pay the overhead of having everything encrypted, I think you could set up a tablespace on an encrypted partition and have only the tables with sensitive data on it (and WAL logs).
Cheers, Jan -- Jan Urbanski GPG key ID: E583D7D2 ouden estin -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
