On Thu, 2009-04-23 at 16:08 -0300, pgsql-hackers-ow...@postgresql.org wrote: > On Thu, Apr 23, 2009 at 10:38:55AM -0400, Bill Moran wrote: > > [...] > > > It's possible that this could be accomplished by something like > Veil, > > Veil? Care to share an URL?
http://veil.projects.postgresql.org/curdocs/index.html Veil is intended to enable implementation of virtual private databases. It provides a bunch of primitives for managing bitmaps of privileges. These privileges can be used to control access to individual rows within a table. In principle it could be used in the way that Bill Moran suggests though I have never used it that way. I am somewhat suspicious of passing encryption keys to the database server as there is always the potential for them to be leaked. It is generally much safer to keep keys and the decryption process on a separate server. __ Marc
signature.asc
Description: This is a digitally signed message part
