Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1v0uUG-002EFp-So for pgsql-admin@arkaria.postgresql.org; Tue, 23 Sep 2025 04:18:44 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.94.2) (envelope-from ) id 1v0uUF-003PwD-ET for pgsql-admin@arkaria.postgresql.org; Tue, 23 Sep 2025 04:18:43 +0000 Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29]) by malur.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1v0uUF-003Pw2-3Z for pgsql-admin@lists.postgresql.org; Tue, 23 Sep 2025 04:18:43 +0000 Received: from mail-vs1-xe32.google.com ([2607:f8b0:4864:20::e32]) by magus.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.96) (envelope-from ) id 1v0uUA-002JE4-2w for pgsql-admin@lists.postgresql.org; Tue, 23 Sep 2025 04:18:42 +0000 Received: by mail-vs1-xe32.google.com with SMTP id ada2fe7eead31-55716f2d3b9so4028733137.1 for ; Mon, 22 Sep 2025 21:18:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1758601119; x=1759205919; darn=lists.postgresql.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=j+RBBJ0poWN7EPVF3GFzjg98BBKHA602L5NcosjxDLY=; b=PnnMBP8Vd0qjjGAV6SqSTTIGkOwag5lxDPVSUbpnhLBDXad1DosJBulscbP5UQbbYi ll9XbEP/SKriK5qXUtHaoSy6ipWMN/sbOtibgWWrmdYtSlBi7lk5KNvWRrIhPUON971i dnQOv46PvRfe2lTx8Ch8HH8wR6zJGdLYXBUA+66KPPTmxz3VDIkrr1PrsQ8DYUj4VD/y 7CWURoxBcba3K+Jeny3fV+NKaCYJmlsJFHu7mlT8tJApAgwhf1tLrDcDrfdlxCIcq3Fk SNSxUSX2Qr5oMFRlykNXTPJLAN9g6klfpXPJzuGjiIUd35PRGv+Mfc/Xd1NVOEN/MAen Rmug== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1758601119; x=1759205919; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=j+RBBJ0poWN7EPVF3GFzjg98BBKHA602L5NcosjxDLY=; b=JtjUhdGG8zpyISmyFYA+EMMn1+H9lcl7ubWN4QBIBgfmZadEYoEUcNSEYRXuu9yXYv znJVSqWT4iozj5DAs8NDHWGGeGBCZMSYzjr5LQ+Z5k31qdTLgHfs4qmIuh3gDY28HfEC sW7brnZRgnofLGE8kAVC0WlynaXFAUw3Bq9OZeeDx85+kFTAP0/+TQdOuvbV8Xl3xcia XuuQna2Oua2p03OKz8l1z12HqNAvNqnMOqBoAKh9vvuxkj5MMDT/1lFSdDoiXmMZmmgq wge1+5Fdmg4QYnsRRiPkxdM9UeRyc/aos+M1lS+KZh3XZLHOZ2iWlgy2GbGvknMCJbAw G5TA== X-Gm-Message-State: AOJu0YwEtB2JJwOLbkrwJLVfjFbtem5ktwuuaPMcNhXkYBU1KnxyBxpF h6BZEKLHUN342XuOzL3pCrs0HxETly9JhbrJq+xDnaiCm8E+cOkkuOK3GaHYh2/HnSIpMBv/HNb HUio7jz4cJHMGOWegcJAUtha11DVhIfQ= X-Gm-Gg: ASbGnct5pA2D5nhh+j0hSJ8qWiWt8T1bRXTdzLo2MXVkyK9qMdxLeeTnpOaY72/2J4L 4EVEYVDlZOr0khXa2k4Kc2ytquVfAa2ybE4OjUtdrIMStnko+LetkvrzzoO/Fs00yGUIV/7Npqq VDojpNA/yh1Vm47uhZ8jTy6gQwI4NPuwC5lJdw3/dLHofQJ/9YYAjePSl13p71nfOgVstneJcm9 /qn0YMBQk76CY62XWorbcToa9fcsj5/PsAzaMAUvcMyH6shxODt X-Google-Smtp-Source: AGHT+IEG9UPylLDg5AEScNZRUePRXhrOAHLfOEvMZLSGi82vakzuGZmX/xtv98NJYFVRghT+I/WAriipFGsJ4j+/2J8= X-Received: by 2002:a05:6102:3752:b0:520:3f1a:c533 with SMTP id ada2fe7eead31-5a58118f73amr407412137.21.1758601118757; Mon, 22 Sep 2025 21:18:38 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Ian Lawrence Barwick Date: Tue, 23 Sep 2025 13:18:27 +0900 X-Gm-Features: AS18NWCQmZCJXpFvWUlCznJ8QUJDbxaNAs4-9sr14GWMXcqz6Ea3NRr9NkpQ-Qw Message-ID: Subject: Re: Anti virus scanning for Postgres database servers To: soumen rana Cc: pgsql-admin@lists.postgresql.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk 2025=E5=B9=B49=E6=9C=8823=E6=97=A5(=E7=81=AB) 6:21 soumen rana : > > Hi Everyone, > > The oganization I work for uses some postgres databases installed on Linu= x servers. The security team is planning to initiate Microsoft Defender Ant= i Virus scanning on these servers in an "Active" mode. > > This will mean that the Postgres Installation directories and files will = be scanned by Microsoft Defender and quarantine any threats. > > We have requested to exclude the data directories from the Antivirus scan= ning. > Is anyone aware of any performance, operational, or data-loss related ch= allenges with Anti Virus scanning of Postgres binaries? I'm pretty sure I've worked on support cases in the past caused by antivirus software doing things it shouldn't... If the antivirus software in question modifies files in any way, it will corrupt your PostgreSQL installation. A few places warning against using antivirus software on PostgreSQL data directories: - https://www.highgo.ca/2021/01/27/avoiding-identifying-and-dealing-with-po= stgresql-database-corruption-part-1/ - https://www.postgresql.eu/events/pgconfeu2023/sessions/session/4602/slide= s/406/data_corruption.pdf - https://docs.microfocus.com/UCMDB/11.0/ucmdb-docs/docs/eng/doc_lib/Conten= t/database/PostgresConfig_c_notes.htm Regards Ian Barwick