Postgres Pro
Downloads
Home   >   mailing lists

Re: Regd. the Implementation of Wallet (in Oracle) config equivalent in postgreSQL whilst the database migration - Mailing list pgsql-general

From Peter J. Holzer
Subject Re: Regd. the Implementation of Wallet (in Oracle) config equivalent in postgreSQL whilst the database migration
Date
Msg-id 20221222094622.y26t5reutijwnlop@hjp.at
Whole thread Raw
In response to Re: Regd. the Implementation of Wallet (in Oracle) config equivalent in postgreSQL whilst the database migration  (Rainer Duffner <rainer@ultra-secure.de>)
Responses Re: Regd. the Implementation of Wallet (in Oracle) config equivalent in postgreSQL whilst the database migration
List pgsql-general
Tree view 
On 2022-12-22 09:17:18 +0100, Rainer Duffner wrote:
>     Am 22.12.2022 um 00:57 schrieb Benedict Holland <
>     benedict.m.holland@gmail.com>:
>
>     If someone has root, I don't know how they also don't have your
>     encryption keys.
>
>
> They are not on the same box. They are in a HSM. A dedicated piece of
> tamper-proof hardware that stores secrets (keys).
> The Oracle-server needs to talk to the HSM to get the keys.

If the hacker has root access: What prevents them from talking to the
HSM?

        hp

--
   _  | Peter J. Holzer    | Story must make more sense than reality.
|_|_) |                    |
| |   | hjp@hjp.at         |    -- Charles Stross, "Creative writing
__/   | http://www.hjp.at/ |       challenge!"
Attachment

pgsql-general by date:

Previous
From: Rainer Duffner
Date:
Subject: Re: Regd. the Implementation of Wallet (in Oracle) config equivalent in postgreSQL whilst the database migration
Next
From: Rainer Duffner
Date:
Subject: Re: Regd. the Implementation of Wallet (in Oracle) config equivalent in postgreSQL whilst the database migration