Re: WIP: Data at rest encryption
Peter Eisentraut <peter.eisentraut@2ndquadrant.com>
From: Peter Eisentraut <peter.eisentraut@2ndquadrant.com>
To: Stephen Frost <sfrost@snowman.net>, Bruce Momjian <bruce@momjian.us>
Cc: Ants Aasma <ants.aasma@eesti.ee>, Robert Haas <robertmhaas@gmail.com>,
PostgreSQL-development <pgsql-hackers@postgresql.org>
Date: 2017-06-13T19:43:14Z
Lists: pgsql-hackers
On 6/13/17 15:20, Stephen Frost wrote: > No, the benefit is that the database administrator can configure it and > set it up and not have to get an OS-level administrator involved. There > may also be other reasons why filesystem-level encryption is difficult > to set up or use in a certain environment, but this wouldn't depend on > anything OS-related and therefore could be done. Let's see a proposal in those terms then. How easy can you make it, compared to existing OS-level solutions, and will that justify the maintenance overhead? Considering how ubiquitous file-system encryption is, I have my doubts that the trade-offs will come out right, but let's see. -- Peter Eisentraut http://www.2ndQuadrant.com/ PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
Commits
-
Dramatically reduce System V shared memory consumption.
- b0fc0df9364d 9.3.0 cited