> Hello, > > Is there not some other alternative to pg_hba.conf? > > I have the problem where the system administrators at our company > obviously have access to the whole filesystem, and our database records > needs to be hidden even from them.
If they have full access, then they have FULL access. > > With pg_hba.conf that is not possible, as they just change all the conf > lines to "trust" auth and viola they have access to the database without > passwords. You are looking for a security that can not exit in your scenario. > > Is there a more secure alternative to this? The perfect scenario being > to deny everyone include "root" access to a database without a password. > They only way to secure data is to remove all access to it. If you don't trust your admins, then you have the wrong admins. ---------------------------(end of broadcast)--------------------------- TIP 5: don't forget to increase your free space map settings
