On Tue, Oct 1, 2019 at 03:48:31PM +0200, Tomas Vondra wrote: > IMO leaks of sensitive data into the server log (say, as part of error > messages, slow queries, ...) are a serious issue. It's one of the main > issues with pgcrypto-style encryption, because it's trivial to leak e.g. > keys into the server log. Even if proper key management prevents leaking > keys, there are still user data - say, credit card numbers, and such.
Fortunately, the full-cluster encryption keys are stored encrypted in pg_control and are never accessible unencrypted at the SQL level. -- Bruce Momjian <br...@momjian.us> http://momjian.us EnterpriseDB http://enterprisedb.com + As you are, so once was I. As I am, so you will be. + + Ancient Roman grave inscription +
