gnumed-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Gnumed-devel] Re: GNUmed (debian) servers and security


From: Andreas Tille
Subject: [Gnumed-devel] Re: GNUmed (debian) servers and security
Date: Mon, 28 Jan 2008 18:46:34 +0100 (CET)
User-agent: Alpine 1.00 (DEB 882 2007-12-20)

On Mon, 28 Jan 2008, Karsten Hilbert wrote:

I would stick to the default encryption method that is used at installation
time.  I admit I did not cared what actually is used.  (I only care about
things that do not work as I want them to work and there was no need to
worry about anything so far.)
Which, however, requires to determine whether the defaults
are suitable. Something may work w/o problems but not be
suitable, such as would the lines

local * * * trust
host * * * trust
hostssl * * * trust

at the top of pg_hba.conf. They will allow access just fine
but are NOT suitable.

This are different layers.  I was talking about encryption of the
harddisk.  Once it is mounted everything is transparent for postgresql.
It just helps if somebody plugs out the power cable that you are quite
safe that he is unable to access your data.

Absolutely. No one is blaming you.

I would not even mind if somebody would. ;-)
I have my criteria for quality which are stronger than getting something
ready at a defined point in time (it's the Debian way :-)).  Those who
might have fun to spend their time to blame me are free to get things
ready before me.  I just wanted to give a status update.

That's why I CC'ed you on the server RPMs such that you
might see how this *can* work and perhaps gain insights for
the DEBs.

This help was welcome - even if I have no idea about pre/postinst stuff
etc on OpenSuSE system.  I'll have a look.

Kind regards

             Andreas.

--
http://fam-tille.de




reply via email to

[Prev in Thread] Current Thread [Next in Thread]