On Sun, Mar 30, 2008 at 4:36 PM, Tom Lane <[EMAIL PROTECTED]> wrote: > sanjay sharma <[EMAIL PROTECTED]> writes: > > 1. Transparent Data Encryption: The column which needs to be stored in > encrypted form can be specified through DDL. The encryption key can be stored > in a secure file accessible through a pass phrase. That particular column > would apper in encrypted form for all users except the users specified > through a grant to see the data in decrypted form. > > Exactly what threat do you see this protecting against, that wouldn't be > better solved by SQL-standard features like column-level access > permissions?
Yes. And if you're concerned about people getting access to the raw data files, put $PGDATA on an encrypted partition. -Doug -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
