Greg Stark wrote: > On Tue, Jul 7, 2009 at 10:09 AM, Heikki > Linnakangas<heikki.linnakan...@enterprisedb.com> wrote: >> What kind of attacks would this protect against? Seems a bit pointless >> to me if the password is being sent to the server anyway. If the >> attacker has superuser access to the server, he can harvest the >> passwords as the clients send them in. If he doesn't, the usual access >> controls with GRANT/REVOKE would be enough. > > It would still protect against offline attacks such as against backup files.
True, but filesystem-level encryption handles that scenario with less pain. -- Heikki Linnakangas EnterpriseDB http://www.enterprisedb.com -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers