how? is there some kernel patch to completely to enable you to deny
access to root?
Tino Wildenhain pointed out SELinux has a feature like that.
Rick Gigger wrote:
But why do they need access to the files in the file system? Why not
put them on the local box but don't give them permissions
Q Beukes wrote:
how? is there some kernel patch to completely to enable you to deny
access to root?
Tino Wildenhain pointed out SELinux has a feature like that.
I still don't get your problem (apart from that you can always
google for SELinux)
Why aren't the other admins not trustworthy? And
how? is there some kernel patch to completely to enable you to deny
access to root?
Tino Wildenhain pointed out SELinux has a feature like that.
I still don't get your problem (apart from that you can always
google for SELinux)
Why aren't the other admins not trustworthy? And why do you
have
I did consider that, but the software we use (which again uses postgresql)
atm only supports local connection to the database.
I am the database admin, the other admins just manage stuff like user
accounts, checking logs, etc...
Unfortunately there is no other way to set it up, and like I
But why do they need access to the files in the file system? Why not
put them on the local box but don't give them permissions to edit the
pg_hba file? They should still be able to connect.
On Feb 9, 2006, at 5:56 PM, Q Beukes wrote:
I did consider that, but the software we use (which
To give it to you straight... it's just to ease the minds of management.
Someone pointed out to them how easy it really is to access the data, and
this kind of started to make them feel uncomfortable.
They know the admins are very computer literate and that any protection
can be broken by them.
If you want the data hidden from system administrators, you need to have
the client encrypt it before storing it. Of course, that will have
massive implications for your application.
Have you considered storing your data on an encrypted filesystem? I have no
idea what kind of performance hit
korry wrote:
If you want the data hidden from system administrators, you need to have
the client encrypt it before storing it. Of course, that will have
massive implications for your application.
Have you considered storing your data on an encrypted filesystem? I have no
idea what kind
Since what he is worried about is the ability of admins to get at the
data by connecting to the postgres server (after changing pg_hba.conf),
this will not make the slightest difference - the data would be
decrypted before it ever got to the intruder.
I was suggesting that pg_hba.conf could
korry wrote:
Since what he is worried about is the ability of admins to get at the
data by connecting to the postgres server (after changing pg_hba.conf),
this will not make the slightest difference - the data would be
decrypted before it ever got to the intruder.
I was suggesting that
I was suggesting that pg_hba.conf could be stored in the same encrypting
filesystem.
Then how can it be changed? What if you need to allow access from, say,
another user or another network? Oh, the admins have to change it ...
Not all admins are equal... the admin that takes care of the
korry wrote:
I was suggesting that pg_hba.conf could be stored in the same encrypting
filesystem.
Then how can it be changed? What if you need to allow access from, say,
another user or another network? Oh, the admins have to change it ...
Not all admins are equal... the admin
Why would you not simply set this up on a separate machine to which only
the trusted admins had access? Most data centers I am familiar with use
single purpose machines anyway. If someone is trusted as root on your
box they can screw you no matter what you do. Pretending otherwise is
just
Hello,
Is there not some other alternative to pg_hba.conf?
I have the problem where the system administrators at our company
obviously have access to the whole filesystem, and our database records
need to be hidden even from them.
With pg_hba.conf that is not possible, as they just change all
Hi,
On Wed, 2006-02-08 at 14:34 +0200, Q Beukes wrote:
I have the problem where the system administrators at our company
obviously have access to the whole filesystem, and our database records
need to be hidden even from them.
As they have access to whole filesystem, they can access
I think this was discussed many times on this list, and the main
conclusion was: if you don't trust your DB machine's admin, any security
measure against him will be only illusory. The sysadmin can in any case
access the data, you can just make this harder, you can't prevent that.
So you better
On Wed, Feb 08, 2006 at 02:34:29PM +0200, Q Beukes wrote:
Is there not some other alternative to pg_hba.conf?
I have the problem where the system administrators at our company
obviously have access to the whole filesystem, and our database records
need to be hidden even from them.
With
Hello,
Is there not some other alternative to pg_hba.conf?
I have the problem where the system administrators at our company
obviously have access to the whole filesystem, and our database records
need to be hidden even from them.
If they have full access, then they have FULL access.
Q Beukes wrote:
Hello,
Is there not some other alternative to pg_hba.conf?
I have the problem where the system administrators at our company
obviously have access to the whole filesystem, and our database records
need to be hidden even from them.
With pg_hba.conf that is not possible, as
Q Beukes wrote:
Hello,
Is there not some other alternative to pg_hba.conf?
I have the problem where the system administrators at our company
obviously have access to the whole filesystem, and our database records
need to be hidden even from them.
With pg_hba.conf that is not possible, as
Well,
I am not looking for 100% security. I know that full access is full access,
and that even if you were to encrypt the system through Postgre the determined
person WILL always be able to get it out if they have system level access.
All I wanted to do was to prevent the basic SQL/Linux
Q Beukes wrote:
Well,
I am not looking for 100% security. I know that full access is full access,
and that even if you were to encrypt the system through Postgre the determined
person WILL always be able to get it out if they have system level access.
All I wanted to do was to prevent the
Q Beukes wrote:
Well,
I am not looking for 100% security. I know that full access is full access,
and that even if you were to encrypt the system through Postgre the determined
person WILL always be able to get it out if they have system level access.
All I wanted to do was to prevent the