Re: "WIP: Data at rest encryption" patch and, PostgreSQL 11-beta3
| От | Bruce Momjian |
|---|---|
| Тема | Re: "WIP: Data at rest encryption" patch and, PostgreSQL 11-beta3 |
| Дата | |
| Msg-id | 20190614130213.zw52nk7cmelio5s7@momjian.us обсуждение исходный текст |
| Ответ на | Re: "WIP: Data at rest encryption" patch and, PostgreSQL 11-beta3 (Bruce Momjian <bruce@momjian.us>) |
| Список | pgsql-hackers |
On Thu, Jun 13, 2019 at 09:14:13PM -0400, Bruce Momjian wrote: > On Mon, Jun 3, 2019 at 12:04:54PM -0400, Robert Haas wrote: > > > > What I'm talking about here is that it also has to be reasonably > > possible to write an encryption key command that does something > > useful. I don't have a really clear vision for how that's going to > > work. Nobody wants the server, which is probably being launched by > > pg_ctl or systemd or both, to prompt using its own stdin/stderr, but > > the we need to think about how the prompting is actually going to > > work. One idea is to do it via the FEBE protocol: connect to the > > server using libpq, issue a new command that causes the server to > > enter COPY mode, and then send the encryption key as COPY data. > > However, that idea doesn't really work, because we've got to be able > > to get the key before we run recovery or reach consistency, so the > > server won't be listening for connections at that point. Also, we've > > got to have a way for this to work in single-user mode, which also > > can't listen for connections. It's probably all fine if your > > encryption key command is something like 'curl > > https://my.secret.keyserver.me/sekcret.key' because then there's an > > external server which you can just go access - but I don't quite > > understand how you'd do interactive prompting from here. Sorry to get > > hung up on what may seem like a minor point, but I think it's actually > > fairly fundamental: we've got to have a clear vision of how end-users > > will really be able to make use of this. > > pgcryptoey has an example of prompting from /dev/tty: > > http://momjian.us/download/pgcryptokey/ > > Look at pgcryptokey_default.sample. Also, look at pgcryptokey_default.c and its use with shared_preload_libraries for a full example of prompting on server boot. -- Bruce Momjian <bruce@momjian.us> http://momjian.us EnterpriseDB http://enterprisedb.com + As you are, so once was I. As I am, so you will be. + + Ancient Roman grave inscription +
В списке pgsql-hackers по дате отправления: