Re: Database Encryption (now required by law in Italy)
| От | Dave Ewart |
|---|---|
| Тема | Re: Database Encryption (now required by law in Italy) |
| Дата | |
| Msg-id | 20040305120802.GJ13042@nemesis.ox.icnet.uk обсуждение исходный текст |
| Ответ на | Re: Database Encryption (now required by law in Italy) ("Matt Clark" <matt@ymogen.net>) |
| Ответы |
Re: Database Encryption (now required by law in Italy)
|
| Список | pgsql-admin |
On Friday, 05.03.2004 at 11:17 +0000, Matt Clark wrote: > > What's wrong with using a LoopAES filesystem? It protects against > > someone walking off with the server, or at least the hard disk, and > > being able to see the data. > > Yes, but only if the password has to entered manually [1] at boot > time. And it gives zero protection against someone who gains root > access to the server. > > [...] > > [1] There are ways of avoiding having to enter the info manually, but > they're very tricky to implement securely. Not sure I follow this - there's no point AT ALL in using LoopAES if you can mount the encrypted partitions without needing manual intervention at boot time. Dave. -- Dave Ewart Dave.Ewart@cancer.org.uk Computing Manager, Epidemiology Unit, Oxford Cancer Research UK PGP: CC70 1883 BD92 E665 B840 118B 6E94 2CFD 694D E370
В списке pgsql-admin по дате отправления: