From: Greg Sabino Mullane <[email protected]>
To: Ron Johnson <[email protected]>
Cc: pgsql-general <[email protected]>
Subject: Re: Enquiry about TDE with PgSQL
Date: Fri, 17 Oct 2025 09:12:42 -0400
Message-ID: <CAKAnmmKjyG3jOhFRP_wq_Hm0Zi6t8esx8Xsxqkjn9BPkAXmeMw@mail.gmail.com>
In-Reply-To: <CANzqJaA41CzNjkiQex+A0u9z11i6R3WQZJ+fkXfJO7VJwOMWzg@mail.gmail.com>
References: <CACgMzfwSDRF+kQr59h0-xGUobCeFZxwVzE_tUxF18DkVb+vuDQ@mail.gmail.com>
	<CAKAnmmKDCOdUT5JtJZz5papMO0zW1cnG4934d6aQVCQ_KdbUeg@mail.gmail.com>
	<CANzqJaA41CzNjkiQex+A0u9z11i6R3WQZJ+fkXfJO7VJwOMWzg@mail.gmail.com>

On Fri, Oct 17, 2025 at 12:49 AM Ron Johnson <[email protected]> wrote:

> But filesystem encryption still means that validly logged-in users see the
> unencrypted data.  That's great for a laptop that might get stolen, or for
> drives that are discarded without being wiped, but are no protection
> against hackers who want to exfiltrate your data.

I stand by my recommendation. If someone is logged in and has access to
your data directory (e.g. is root or postgres user), then they also have
the TDE key or some easy way to bypass it.

> TDE was added to SQL Server, with (to us, at least) minimally-noticed
> overhead.  Oracle has it, too, but I don't know the details.
> The bottom line is that requirements for TDE are escalating, whether you
> like it or not

I'm not arguing against putting TDE in Postgres - indeed, I am all for
that. But it's a very tricky thing to do technically, with minimal benefits
other than "checking the box" of some security requirements document.

> The bottom line is that requirements for TDE are escalating, whether you
> like it or not, as Yet Another Layer Of Defense against hackers
> exfiltrating data, and then threatening to leak it to the public.

I'd love to see a real-world example where TDE would have saved someone but
disk encryption could not.

-- 
Cheers,
Greg

--
Crunchy Data - https://www.crunchydata.com
Enterprise Postgres Software Products & Tech Support