Re: [HACKERS] RFE: Transparent encryption on all fields

2009-04-28 Thread Sam Halliday
If it works without any change to client SQL queries and compatible with JPA, then I'm all ears. Otherwise, I really think Sam Mason's idea was spot on... it works around the inadequacies of encrypted drives and provides the same level of on-server security. Tomas Zerolo wrote:

Re: [HACKERS] RFE: Transparent encryption on all fields

2009-04-27 Thread tomas
On Mon, Apr 27, 2009 at 01:28:45AM -0700, Sam Halliday wrote: > > > Tomas Zerolo wrote: > > > >> If there were a way to prompt the user for the password to an encrypted > >> drive on startup for all OS, with an equivalent for headless machines...

Re: [HACKERS] RFE: Transparent encryption on all fields

2009-04-27 Thread Sam Halliday
I think Sam Mason's proposal of hacking pg-pool sounds feasible. Is there any way to create a formal RFE for this? Is anybody interested in implementing this? On 27 Apr 2009, at 13:55, Sam Mason wrote: One possible arrangement would be if each user/encryption key had its own database cluster

Re: [HACKERS] RFE: Transparent encryption on all fields

2009-04-27 Thread Sam Halliday
On 27 Apr 2009, at 13:55, Sam Mason wrote: Allowing multiple users/encryption keys access the same database seems problematic; how would you allow catalogue access and enforce unique or other constraints if the server couldn't look to see what's there. Not sure what you're after here though

Re: [HACKERS] RFE: Transparent encryption on all fields

2009-04-27 Thread Sam Mason
On Mon, Apr 27, 2009 at 09:24:55AM +0100, Sam Halliday wrote: > Not looking for a Windows solution. Must be cross platform and work > for headless machines, laptops and desktops. Encrypted drive solutions > fall short of these requirements. Other considerations which rule out > encrypted driv

Re: [HACKERS] RFE: Transparent encryption on all fields

2009-04-27 Thread Martijn van Oosterhout
On Mon, Apr 27, 2009 at 01:28:45AM -0700, Sam Halliday wrote: > Tomas Zerolo wrote: > > > >> If there were a way to prompt the user for the password to an encrypted > >> drive on startup for all OS, with an equivalent for headless machines... > > There is a difference between "it's possible" an

Re: [HACKERS] RFE: Transparent encryption on all fields

2009-04-27 Thread Sam Halliday
Tomas Zerolo wrote: > >> If there were a way to prompt the user for the password to an encrypted >> drive on startup for all OS, with an equivalent for headless machines... > > There definitely is. We even need more flexibility: prompt for > credentials at the time of *mounting* a secured par

Re: [HACKERS] RFE: Transparent encryption on all fields

2009-04-27 Thread Sam Halliday
Not looking for a Windows solution. Must be cross platform and work for headless machines, laptops and desktops. Encrypted drive solutions fall short of these requirements. Other considerations which rule out encrypted drives have been discussed earlier in the thread. For the record, I have

Re: [HACKERS] RFE: Transparent encryption on all fields

2009-04-26 Thread tomas
On Sun, Apr 26, 2009 at 11:54:55AM +0100, Sam Halliday wrote: > On 26 Apr 2009, at 07:05, to...@tuxteam.de wrote: >>> - a single psql server can autonomously start up and serve connection >>> requests (this cannot be done with encrypted disc) >> >> Sur

Re: [HACKERS] RFE: Transparent encryption on all fields

2009-04-26 Thread tomas
On Sun, Apr 26, 2009 at 04:40:33AM -0700, Sam Halliday wrote: > > > Tomas Zerolo wrote: > > > > Note that I'm not talking about stealing the hardware, but hijacking, > > trojanizing, whatever. That's the real threat, in this > > Javascript/Flash/Sil

Re: [HACKERS] RFE: Transparent encryption on all fields

2009-04-26 Thread tomas
On Sun, Apr 26, 2009 at 03:13:16PM -0700, Sam Halliday wrote: > > TrueCrypt is exactly the "encrypted drive" solution. It has problems. They > are described in this thread. No. This is about *clients* (i.e. laptops which can be stolen). How some comp

Re: [HACKERS] RFE: Transparent encryption on all fields

2009-04-26 Thread Gurjeet Singh
On Mon, Apr 27, 2009 at 3:43 AM, Sam Halliday wrote: > > TrueCrypt is exactly the "encrypted drive" solution. It has problems. They > are described in this thread. If there were a way to prompt the user for the password to an encrypted >> drive on startup for all OS, with an equivalent for headl

Re: [HACKERS] RFE: Transparent encryption on all fields

2009-04-26 Thread Sam Halliday
TrueCrypt is exactly the "encrypted drive" solution. It has problems. They are described in this thread. Sam Mason wrote: > > There are various tools that allow you to do this without specialised > hardware, TrueCrypt[1] is one I've used in the past and is very easy for > naive users to get the

Re: [HACKERS] RFE: Transparent encryption on all fields

2009-04-26 Thread Sam Mason
On Mon, Apr 27, 2009 at 07:03:32AM +1200, Andrej wrote: > 2009/4/26 Sam Halliday : > > I'm still talking about theft of machines (particularly laptops) as that is > > a major threat. One need only read the British newspapers to discover story > > after story of articles where "sensitive information

Re: [HACKERS] RFE: Transparent encryption on all fields

2009-04-26 Thread Andrej
2009/4/26 Sam Halliday : > I'm still talking about theft of machines (particularly laptops) as that is > a major threat. One need only read the British newspapers to discover story > after story of articles where "sensitive information was on a laptop which > was stolen". As pointed out elsewhere,

Re: [HACKERS] RFE: Transparent encryption on all fields

2009-04-26 Thread Sam Halliday
Tomas Zerolo wrote: > > Note that I'm not talking about stealing the hardware, but hijacking, > trojanizing, whatever. That's the real threat, in this > Javascript/Flash/Silverlight infested world. > I'm still talking about theft of machines (particularly laptops) as that is a major threat. On

Re: [HACKERS] RFE: Transparent encryption on all fields

2009-04-26 Thread Sam Halliday
On 26 Apr 2009, at 07:05, to...@tuxteam.de wrote: - a single psql server can autonomously start up and serve connection requests (this cannot be done with encrypted disc) Sure it can -- it will be strongly architecture dependent though. Look at [1] for an example of how this might be done for t

Re: [HACKERS] RFE: Transparent encryption on all fields

2009-04-25 Thread tomas
On Sat, Apr 25, 2009 at 11:43:14AM +0100, Sam Halliday wrote: > Please continue to CC me on this thread as I have disabled receiving > messages from this list, although remain subscribed. OK [...] > Remember, the threat case here is a stolen server

Re: [HACKERS] RFE: Transparent encryption on all fields

2009-04-25 Thread Sam Halliday
Please continue to CC me on this thread as I have disabled receiving messages from this list, although remain subscribed. On 25 Apr 2009, at 05:52, to...@tuxteam.de wrote: Sure, there are challenges, but there are methods to work through all of those challenges. I seem to be less optimistic

Re: [HACKERS] RFE: Transparent encryption on all fields

2009-04-24 Thread tomas
On Fri, Apr 24, 2009 at 03:48:16PM -0400, Bill Moran wrote: > In response to to...@tuxteam.de: > [...] > > > It is generally much safer to keep keys and the > > > decryption process on a separate server. > > > > Or just clie

Re: [HACKERS] RFE: Transparent encryption on all fields

2009-04-24 Thread tomas
On Fri, Apr 24, 2009 at 03:45:16PM -0400, Bill Moran wrote: > In response to to...@tuxteam.de: [...] > Someone hijacking your live server does not automatically give anyone > the key, unless you implement this wrong (which is, of course, possible). >

Re: [HACKERS] RFE: Transparent encryption on all fields

2009-04-24 Thread Bill Moran
In response to to...@tuxteam.de: > On Thu, Apr 23, 2009 at 01:31:39PM -0700, Marc Munro wrote: > > [...] > > > In principle it could be used in the way that Bill Moran suggests though > > I have never used it that way. I am somewhat suspiciou

Re: [HACKERS] RFE: Transparent encryption on all fields

2009-04-24 Thread Bill Moran
In response to to...@tuxteam.de: > On Thu, Apr 23, 2009 at 10:38:55AM -0400, Bill Moran wrote: > [...] > > > It's possible that this could be accomplished by something like Veil, > > or the built-in implementation that's coming in some future v

Re: [HACKERS] RFE: Transparent encryption on all fields

2009-04-24 Thread tomas
On Thu, Apr 23, 2009 at 01:31:39PM -0700, Marc Munro wrote: [...] > In principle it could be used in the way that Bill Moran suggests though > I have never used it that way. I am somewhat suspicious of passing > encryption keys to the database serve

Re: [HACKERS] RFE: Transparent encryption on all fields

2009-04-24 Thread tomas
On Thu, Apr 23, 2009 at 10:38:55AM -0400, Bill Moran wrote: [...] > It's possible that this could be accomplished by something like Veil, > or the built-in implementation that's coming in some future version of > PG (is it scheduled for 8.5 at this po

Re: [HACKERS] RFE: Transparent encryption on all fields

2009-04-23 Thread Marc Munro
On Thu, 2009-04-23 at 16:08 -0300, pgsql-hackers-ow...@postgresql.org wrote: > On Thu, Apr 23, 2009 at 10:38:55AM -0400, Bill Moran wrote: > > [...] > > > It's possible that this could be accomplished by something like > Veil, > > Veil? Care to share an URL? http://veil.projects.postgresql.org/

Re: [HACKERS] RFE: Transparent encryption on all fields

2009-04-23 Thread tomas
On Thu, Apr 23, 2009 at 11:23:20AM -0400, Bill Moran wrote: [...] > > Veil? Care to share an URL? > > Google knows :) > > http://veil.projects.postgresql.org/curdocs/index.html Thanks! [yes, Google knew, but it had so many veils it got me complete

Re: [HACKERS] RFE: Transparent encryption on all fields

2009-04-23 Thread Bill Moran
In response to to...@tuxteam.de: > > On Thu, Apr 23, 2009 at 10:38:55AM -0400, Bill Moran wrote: > > [...] > > > It's possible that this could be accomplished by something like Veil, > > Veil? Care to share an URL? Google knows :) http://veil.projects.postgresql.org/curdocs/index.html -- Bil

Re: [HACKERS] RFE: Transparent encryption on all fields

2009-04-23 Thread tomas
On Thu, Apr 23, 2009 at 10:38:55AM -0400, Bill Moran wrote: [...] > It's possible that this could be accomplished by something like Veil, Veil? Care to share an URL? Sorry for my ignorance -- tomás

Re: [HACKERS] RFE: Transparent encryption on all fields

2009-04-23 Thread Bill Moran
In response to to...@tuxteam.de: > On Thu, Apr 23, 2009 at 12:43:30PM +0100, Sam Halliday wrote: > > Dear pgsql hackers, > > > > The encryption options > > > > http://www.postgresql.org/docs/8.3/static/encryption-options.html > > [...] > > >

Re: [HACKERS] RFE: Transparent encryption on all fields

2009-04-23 Thread tomas
On Thu, Apr 23, 2009 at 12:43:30PM +0100, Sam Halliday wrote: > Dear pgsql hackers, > > The encryption options > > http://www.postgresql.org/docs/8.3/static/encryption-options.html [...] > If it were feasible, a transparent crypto on all fields for

[HACKERS] RFE: Transparent encryption on all fields

2009-04-23 Thread Sam Halliday
Dear pgsql hackers, The encryption options http://www.postgresql.org/docs/8.3/static/encryption-options.html fall short for my threat case. Consider the case where all users of a machine are trusted and the machine automatically locks itself down on a period of inactivity, and only local