Re: hide data from admins

public inbox for [email protected]  
help / color / mirror / Atom feed

Re: hide data from admins
2+ messages / 2 participants
[nested] [flat]

* Re: hide data from admins
@ 2025-03-12 02:03 Ron Johnson <[email protected]>
  2025-03-13 18:37 ` Re: hide data from admins Jehan-Guillaume de Rorthais <[email protected]>
  0 siblings, 1 reply; 2+ messages in thread

From: Ron Johnson @ 2025-03-12 02:03 UTC (permalink / raw)
  To: pgsql-generallists.postgresql.org <[email protected]>

On Tue, Mar 11, 2025 at 9:48 PM Siraj G <[email protected]> wrote:

> Hello Experts!
>
> What are the features available in Postgresql to hide PII (personal
> identifiable information) from the Admin team? Like in Oracle we have data
> vault and data redaction, I am looking for similar features in
> PostgreSQL.We do not want to do code level changes.
>

Look at pgsodium.  However, "no code level changes" is code for at-rest
encryption.

-- 
Death to <Redacted>, and butter sauce.
Don't boil me, I'm still alive.
<Redacted> lobster!


^ permalink  raw  reply  [nested|flat] 2+ messages in thread

* Re: hide data from admins
  2025-03-12 02:03 Re: hide data from admins Ron Johnson <[email protected]>
@ 2025-03-13 18:37 ` Jehan-Guillaume de Rorthais <[email protected]>
  0 siblings, 0 replies; 2+ messages in thread

From: Jehan-Guillaume de Rorthais @ 2025-03-13 18:37 UTC (permalink / raw)
  To: Ron Johnson <[email protected]>; +Cc: pgsql-generallists.postgresql.org <[email protected]>

Le Tue, 11 Mar 2025 22:03:50 -0400,
Ron Johnson <[email protected]> a écrit :

> On Tue, Mar 11, 2025 at 9:48 PM Siraj G <[email protected]> wrote:
> 
> > Hello Experts!
> >
> > What are the features available in Postgresql to hide PII (personal
> > identifiable information) from the Admin team? Like in Oracle we have data
> > vault and data redaction, I am looking for similar features in
> > PostgreSQL.We do not want to do code level changes.
> 
> Look at pgsodium.  However, "no code level changes" is code for at-rest
> encryption.

Unless I'm wrong, pgsodium will not protect you from Admin team. The "postgres"
role will always be able to read your keys or meta-data to derive them from the
master key if they are stored inside the database… and root might be able to
scan the memory to find the master key I suppose.

Storing the keys outisde the database means code level change.

Your best bet would be the Transparent Column Encryption patch, but it is
stalled for one year.

In last resort, I suppose selinux/sepgsql machinery can lock everything the way
you want, even without encryption…

good luck.






^ permalink  raw  reply  [nested|flat] 2+ messages in thread

end of thread, other threads:[~2025-03-13 18:37 UTC | newest]

Thread overview: 2+ messages (download: mbox mbox.gz follow: Atom feed)
-- links below jump to the message on this page --
2025-03-12 02:03 Re: hide data from admins Ron Johnson <[email protected]>
2025-03-13 18:37 ` Jehan-Guillaume de Rorthais <[email protected]>

This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox