On 10/23/2011 02:37 AM, Joshua D. Drake wrote:

On 10/21/2011 05:42 PM, nrdb wrote:

Hi,

I am new to this list. I haven't ever contributed code before, and have
no idea on how to do this.

I have made some changes to my copy of the 9.1.1 code that
encrypts/decrypts the database files on the fly using AES256 cypher.

Very cool.


It passes all the tests. :-)

The changes are limited to :
src/backend/storage/file/fd.c
src/backend/storage/file/buffile.c
src/backend/libpq/be-fsstubs.c

Are you willing to submit a patch for people to review? I am not sure
if the community would want this as backend code or not but it is
definitely something to discuss.


Yes!  but I don't know what the procedure is to do that.



At the moment the password has been hardcoded into the source, I don't
know how to get it passed in atm.

I think the easiest way would be to look at the startup code that
launches postmaster. If it detecs that the files are encrypted it
would prompt for the passphrase.

Others might have different ideas.

I thought one way would be to pass the name of a named pipe in with a command argument and then have some program that asks the user for the password and writes it to the named pipe.


JD


Neil Dugan


--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

Reply via email to