to...@tuxteam.de wrote: > As other posters have put it, I'd be very sceptical of server-side > decryption. If the server "has" all the necessary bits to decrypt the > data, all bets are off.
Server can access both encrypted data and its password, but we can put them in different disk drives. We cannot decrypt the data unless we have all copies of the drives. If postgres server is started manually, there might be another design that DBA sets password as a postmaster's startup parameter. If do so, the password is only in memory but not in disk drives. Regards, --- ITAGAKI Takahiro NTT Open Source Software Center -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers