Re: Transparent data encryption support as an extension
| От | Masahiko Sawada |
|---|---|
| Тема | Re: Transparent data encryption support as an extension |
| Дата | |
| Msg-id | CAD21AoCj8-tCQnFXzRDJyPkEdA0kQDfw3XTWWLdocrahYxqVng@mail.gmail.com обсуждение исходный текст |
| Ответ на | Transparent data encryption support as an extension (Haribabu Kommi <kommi.haribabu@gmail.com>) |
| Список | pgsql-hackers |
On Fri, Apr 12, 2019 at 6:34 PM Haribabu Kommi <kommi.haribabu@gmail.com> wrote: > > Hi Hackers, > > I read many mail discussions in supporting data at rest encryption support in > PostgreSQL. > > I checked the discussions around full instance encryption or tablespace or > table level encryption. In my observation, all the proposals are trying to modify > the core code to support encryption. > > I am thinking of an approach of providing tablespace level encryption support > including WAL using an extension instead of changing the core code by adding > hooks in xlogwrite and xlogread flows, reorderbuffer flows and also by adding > smgr plugin routines to support encryption and decryption of other pages. > > Definitely this approach does't work for full instance encryption. > > Any opinions/comments/problems in evaluating the encryption with an extesnion > approach? > The discussion[1] of similar proposal might be worth to read. The proposal was adding hook in BufferSync, although for differential backup purpose. [1] https://www.postgresql.org/message-id/20051502087457@webcorp01e.yandex-team.ru Regards, -- Masahiko Sawada NIPPON TELEGRAPH AND TELEPHONE CORPORATION NTT Open Source Software Center
В списке pgsql-hackers по дате отправления: