Alvaro Herrera <[email protected]> writes:
> David G. Johnston wrote:
>> On Wed, Nov 18, 2015 at 12:45 PM, Day, David <[email protected]> wrote:
>>> I believe the concern, based on my current understanding of postgres
>>> inner workings, is that when a dead tuple is reclaimed by vacuuming: Is
>>> that reclaimed space initialized in some fashion that would shred any
>>> sensitive data that was formerly there to any inspection by the
>>> subsequent owner of that disk page ? ( zeroization )
> No. Ultimately, space occupied by dead tuples is "freed" in
> PageRepairFragmentation(), src/backend/storage/page/bufpage.c;
> the contents of the tuples are shuffled to "defragment" the free space,
> but the free space is not zeroed. You could certainly try to read the
> unused page and extract some data from there.
It's quite unclear to me what threat model such a behavior would add
useful protection against.
regards, tom lane
--
Sent via pgsql-general mailing list ([email protected])
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
