Heikki Linnakangas <heikki.linnakan...@enterprisedb.com> writes:
> Itagaki Takahiro wrote:
>> CREATE TYPE encrypted_text (
>>   INPUT = pgp_sym_encrypt_text(textin($1), passward(), options()),
>>   OUTPUT = textout(pgp_sym_decrypt_text($1, passward(), options())),
>>   LIKE bytea
>> );
>>
>> passward() and options() are SQL functions and we can re-define them
>> if needed. The default implementations are to refer to custom GUC variables
>> (pgcrypto.password and pgcrypto.options) so that encryption is done
>> only in database server and applications don't have to know the details.
> What kind of attacks would this protect against?

I agree that this seems more like offering security theater than real
security. I'm also pretty concerned about the implications of a datatype
whose I/O operations fundamentally don't work without knowledge of values
that are supposed to be kept secret. What is your expectation for how
pg_dump will handle such columns?

			regards, tom lane

-- 
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
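The server-side-key arrangement discussed in this thread can be approximated with pgcrypto's existing `pgp_sym_encrypt` and `pgp_sym_decrypt` functions. The following is an added example, not code from the thread or from any participant. The setting name `app.enc_key`, the table, the view and all values are constructed for illustration; it shows where ciphertext, plaintext and the passphrase are each visible.

```sql
-- Added illustration: every object name and value here is constructed.
CREATE EXTENSION IF NOT EXISTS pgcrypto;

-- Hypothetical custom setting holding the passphrase, standing in for
-- the proposal's pgcrypto.password. Set per session here; it could
-- equally be set in postgresql.conf or with ALTER DATABASE ... SET.
SET app.enc_key = 'constructed-example-passphrase';

CREATE TABLE secret_note (
    id   integer PRIMARY KEY,
    body bytea NOT NULL          -- OpenPGP symmetric ciphertext at rest
);

-- Encryption happens inside the server; the client sends plaintext.
INSERT INTO secret_note (id, body)
VALUES (1, pgp_sym_encrypt('constructed sample text',
                           current_setting('app.enc_key')));

-- Decrypt-on-read view: the application never handles the passphrase.
CREATE VIEW secret_note_plain AS
SELECT id,
       pgp_sym_decrypt(body, current_setting('app.enc_key')) AS body
FROM secret_note;

-- What the data files, backups and a dump of the table's rows hold:
SELECT id, body FROM secret_note;

-- What any role with SELECT on the view sees while the setting is in
-- effect for its session:
SELECT id, body FROM secret_note_plain;

-- The passphrase itself is readable from SQL by the same session:
SELECT current_setting('app.enc_key');
```

When reviewing a design like this, list who can run the last two queries: those roles are not constrained by the encryption, only parties who see the stored bytes without the setting are.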