PGP SIGNED MESSAGE-
Hash: SHA1
On Mon, Apr 27, 2009 at 01:28:45AM -0700, Sam Halliday wrote:
Tomas Zerolo wrote:
If there were a way to prompt the user for the password to an
encrypted
drive on startup for all OS, with an equivalent for headless
machines
, Apr 27, 2009 at 3:43 AM, Sam Halliday
sam.halli...@gmail.com wrote:
TrueCrypt is exactly the encrypted drive solution. It has
problems. They
are described in this thread.
If there were a way to prompt the user for the password to an
encrypted drive on startup for all OS, with an equivalent
Tomas Zerolo wrote:
If there were a way to prompt the user for the password to an encrypted
drive on startup for all OS, with an equivalent for headless machines...
There definitely is. We even need more flexibility: prompt for
credentials at the time of *mounting* a secured partition
On 27 Apr 2009, at 13:55, Sam Mason wrote:
Allowing multiple users/encryption keys access the same database seems
problematic; how would you allow catalogue access and enforce unique
or
other constraints if the server couldn't look to see what's there.
Not
sure what you're after here
I think Sam Mason's proposal of hacking pg-pool sounds feasible. Is
there any way to create a formal RFE for this? Is anybody interested
in implementing this?
On 27 Apr 2009, at 13:55, Sam Mason wrote:
One possible arrangement would be if each user/encryption key had its
own database
On 26 Apr 2009, at 07:05, to...@tuxteam.de wrote:
- a single psql server can autonomously start up and serve connection
requests (this cannot be done with encrypted disc)
Sure it can -- it will be strongly architecture dependent though. Look
at [1] for an example of how this might be done for
Tomas Zerolo wrote:
Note that I'm not talking about stealing the hardware, but hijacking,
trojanizing, whatever. That's the real threat, in this
Javascript/Flash/Silverlight infested world.
I'm still talking about theft of machines (particularly laptops) as that is
a major threat. One
TrueCrypt is exactly the encrypted drive solution. It has problems. They
are described in this thread.
Sam Mason wrote:
There are various tools that allow you to do this without specialised
hardware, TrueCrypt[1] is one I've used in the past and is very easy for
naive users to get their
Please continue to CC me on this thread as I have disabled receiving
messages from this list, although remain subscribed.
On 25 Apr 2009, at 05:52, to...@tuxteam.de wrote:
Sure, there are challenges, but there are methods to work through all
of those challenges.
I seem to be less optimistic
Dear pgsql hackers,
The encryption options
http://www.postgresql.org/docs/8.3/static/encryption-options.html
fall short for my thread case. Consider the case where all users of a
machine are trusted and the machine automatically locks itself down on
a period of inactivity, and only local
10 matches
Mail list logo
