Re: [HACKERS] WIP: Data at rest encryption
| От | Stephen Frost |
|---|---|
| Тема | Re: [HACKERS] WIP: Data at rest encryption |
| Дата | |
| Msg-id | 20170615235110.GF1769@tamriel.snowman.net обсуждение исходный текст |
| Ответ на | Re: [HACKERS] WIP: Data at rest encryption (Bruce Momjian <bruce@momjian.us>) |
| Список | pgsql-hackers |
Bruce, * Bruce Momjian (bruce@momjian.us) wrote: > On Thu, Jun 15, 2017 at 07:27:55PM -0400, Stephen Frost wrote: > > I expect the same would happen with the shell-command approach suggested > > up-thread and the prompt-on-stdin approach too, they aren't great but I > > expect users would still use the feature. As Robert and I have > > mentioned, there is a good bit of value to having this feature simply > > because it avoids the need to get someone with root privileges to set up > > an encrypted volume and I don't think having to use a shell command or > > providing the password on stdin at startup really changes that very > > much. > > Understood, but now you are promoting a feature with an admittedly-poor > API, duplication of an OS feature, and perhaps an invasive change to the > code. Those are high hurdles. Of those, the only one that worries me, at least, is that it might be an invasive and difficult to maintain code change. As Robert said, and I agree with, "duplication of an OS feature" is something we pretty routinly, and justifiably, do. The poor interface is unfortunate, but if it's consistent with what we have today for a similar feature then I'm really not too upset with it. If we can do better, great, I'm all for that, but if not, then I'd rather have the feature with the poor interface than not have it at all. If it's an invasive code change or one which ends up being difficult to maintain, then that's a problem. Getting some focus on that aspect would be great and I certainly appreciate Robert's initial review and commentary on it. Thanks! Stephen
В списке pgsql-hackers по дате отправления: